Implementing Juniper Networks Secure Analytics (IJSA)

Course Number:

N/A

Audience:

This course is intended for network engineers, support personnel, reseller support and anyone responsible for implementing the JSA system.
Course Duration:
3 days

Prerequisites:

This course assumes experience in network security administration and a basic knowledge of network security concepts and TCP/IP operation.

Course Objectives:

After successfully completing this course, students should be able to:

  • Explain the role of the Network Director
  • Describe the JSA system and its basic functionality
  • Describe the hardware used with the JSA system
  • Identify the technology behind the JSA system
  • Identify the JSA system’s primary design divisions; display versus detection, and events versus traffic
  • Plan and prepare for a new installation
  • Access the administration console
  • Configure the network hierarchy
  • Configure the automatic update process
  • Access the Deployment Editor
  • Describe the JSA system’s internal processes
  • Describe event and flow source configuration
  • List key features of the JSA architecture
  • Describe the JSA system’s processing logic
  • Interpret the correlation of flow and event data
  • List the architectural component that provides each key function
  • Describe Events and explain where they come from
  • Access the Log Activity interface
  • Execute Event searches
  • Describe flows and their origin
  • Configure the Network Activity interface
  • Execute Flow searches
  • Specify the JSA system’s Asset Management and Vulnerability Assessment functionality
  • Access the Assets interface
  • View Asset Profile data
  • View Server Discovery
  • Access the Vulnerability Assessment Scan Manager to produce vulnerability assessments (VAs)
  • Access vulnerability scanner configuration
  • View vulnerability profiles
  • Describe rules
  • Configure rules
  • Configure Building Blocks (BBs)
  • Explain how rules and flows work together
  • Access the Offense Manager interface
  • Understand Offense types
  • Configure Offense actions
  • Navigate the Offense interface
  • Explain the Offense summary screen
  • Search Offenses
  • Use the JSA system’s Reporting functionality to produce graphs and reports
  • Navigate the Reporting interface
  • Configure Report Groups
  • Demonstrate Report Branding
  • View Report formats
  • Identify the basic information on maintaining and troubleshooting the JSA system
  • Navigate the JSA dashboard
  • List flow and event troubleshooting steps
  • Access the Event Mapping Tool
  • Configure Event Collection for Junos devices
  • Configure Flow Collection for Junos devices
  • Explain High Availability (HA) functionality on a JSA device
Course Outline:
  • Course Introduction

 

  • Product Overview
    • Overview of the JSA Series Device
    • Hardware
    • Collection
    • Operational Flow

 

  • Initial Configuration
    • A New Installation
    • Administration Console
    • Platform Configuration
    • Deployment Editor
    • Lab One: Initial Configuration

 

  • Architecture
    • Processing Log Activity
    • Processing Network Activity
    • JSA Deployment Options

 

  • Log Activity
    • Log Activity Overview
    • Configuring Log Activity
    • Lab Two: Log Activity

 

  • Network Activity
    • Network Activity Overview
    • Configuring Network Activity
    • Lab Three: Network Activity

 

  • Assets and Vulnerability Assessment
    • Asset Interface
    • Vulnerability Assessment
    • Vulnerability Scanners
    • Lab Four: Assets and Vulnerability Assessment

 

  • Rules
    • Rules
    • Configure Rules and Building Blocks
    • Lab Five: Rules

 

  • Offense Manager
    • Offense Manager
    • Offense Manager Configuration
    • Offense Investigation
    • Lab Six: Configure the Offense Manager

 

  • JSA Reporting
    • Reporting Functionality
    • Reporting Interface
    • Lab Seven: Reporting

 

  • Basic Tuning and Troubleshooting
    • Basic Tuning
    • Troubleshooting

 

  • Configuring Junos Devices for Use with JSA
    • Collecting Junos Events
    • Collecting Junos Flows
    • Lab Eight: Configuring Junos Devices for JSA

 

  • Appendix A: High Availability
    • High Availability
    • Configuring High Availability

Related Posts

About Us
Ntier company logo

IT Training, Agile Ways of Working and High Impact Talent Development Strategies

Let Us Come to You!

Classes recently delivered in: Atlanta, Boston, Chicago, Columbus, Dallas, Detroit, Indianapolis, Jerusalem, London, Milan, New York, Palo Alto, Phoenix, Pittsburgh, Portland, Raleigh, San Antonio, San Diego, San Francisco, San Jose, Seattle, Springfield, Mass., St. Louis, Tampa and more!