AJSEC - Advanced Junos Security


This five-day course, which is designed to build off of the current Junos Security (JSEC) offering, delves deeper
into Junos security.
Through demonstrations and hands-on labs, you will gain experience in configuring and monitoring the
advanced Junos OS security features with advanced coverage of virtualization, AppSecure, advanced Network
Address Translation (NAT) deployments, Layer 2 security, and Sky ATP. This course uses Juniper Networks
SRX Series Services Gateways for the hands-on component. This course is based on Junos OS Release
15.1X49-D70.3 and Junos Space Security Director 16.1. 

Jump to schedule


After successfully completing this course, you should be able to:
 Demonstrate understanding of concepts covered in the prerequisite Junos Security course.
 Describe the various forms of security supported by the Junos OS.
 Implement features of the AppSecure suite, including AppID, AppFW, AppTrack, AppQoS, and SSL
 Configure custom application signatures.
 Describe Junos security handling at Layer 2 versus Layer 3.
 Implement next generation Layer 2 security features.
 Demonstrate understanding of Logical Systems (LSYS).
 Use Junos debugging tools to analyze traffic flows and identify traffic processing patterns and problems.
 Describe Junos routing instance types used for virtualization.
 Implement virtual routing instances in a security setting.
 Describe and configure route sharing between routing instances using logical tunnel interfaces. 
 Utilize Junos tools for troubleshooting Junos security implementations.
 Perform successful troubleshooting of some common Junos security issues.
 Describe and discuss Sky ATP and its function in the network.
 Describe and configure UTM functions.
 Discuss IPS and its function in the network.
 Implement IPS policy.
 Describe and implement SDSN in a network.
 Describe and implement user role firewall in a network.
 Demonstrate the understanding of integrated user firewall. 

Intended audience

This course benefits individuals responsible for implementing, monitoring, and troubleshooting Junos security components.


Students should have a strong level of TCP/IP networking and security knowledge. Students should also attend the Introduction to the Junos Operating System (IJOS) and Junos Security (JSEC) courses prior to attending this class.


Day 1
Chapter 1: Course Introduction
Chapter 2: Junos Layer 2 Packet Handling and Security Features
 Transparent Mode Security
 Secure Wire
 Layer 2 Next Generation Ethernet Switching
 MACsec
 Lab 2: Implementing Layer 2 Security
Chapter 3: Virtualization
 Virtualization Overview
 Routing Instances
 Logical Systems
 Lab 3: Implementing Junos Virtual Routing
Chapter 4: AppSecure Theory
 AppSecure Overview
 AppID Overview
 AppID Techniques
 Application System Cache
 Custom Application Signatures
Day 2
Chapter 5: AppSecure Implementation
 AppTrack
 AppFW
 AppQoS
 SSL Proxy
 Lab 4: Implementing AppSecure
Chapter 6: Working with Log Director
 Log Director Overview
 Log Director Components
 Installing and setting up Log Director
 Clustering with the Log Concentrator VM
 Administrating Log Director
 Lab 5: Deploying Log Director
Day 3
Chapter 7: Sky ATP Theory
 Sky ATP Overview 
 Monitoring Sky ATP
 Analysis and Detection of Malware
Chapter 8: Sky ATP Implementation
 Configuring Sky ATP
 Installing Sky ATP
 Analysis and detection of Malware
 Infected Host Case Study
 Lab 6: Instructor Led Sky ATP Demo
Chapter 9: Implementing UTM
 UTM Overview
 AntiSpam
 AntiVirus
 Content and Web Filtering
 Lab 7: Implementing UTM
Day 4
Chapter 10: Introduction to IPS
 IPS Overview
 Network Asset Protection
 Intrusion Attack Methods
 Intrusion Prevention Systems
 IPS Inspection Walkthrough
Chapter 11: IPS Policy and Configuration
 SRX IPS Requirements
 IPS Operation Modes
 Basic IPS Policy Review
 IPS Rulebase Operations
 Lab 8: Implementing Basic IPS Policy
Day 5
Chapter 12: SDSN
 SDSN Overview
 SDSN Components
 SDSN Configuration
 Policy Enforcer Troubleshooting
 SDSN Use Cases
 Lab 9: Implementing SDSN
Chapter 13: Enforcement, Monitoring, and Reporting
 User Role Firewall and Integrated User Firewall Overview
 User Role Firewall Implementation
 Monitoring User Role Firewall
 Integrated User Firewall Implementation
 Monitoring Integrated User Firewall
 Lab 10: Configure User Role Firewall and Integrated User Firewall
Chapter 14: Troubleshooting Junos Security
 Troubleshooting Methodology
 Troubleshooting Tools
 Identifying IPsec Issues
 Lab 11: Performing Security Troubleshooting Techniques
Appendix A: SRX Series Hardware and Interfaces
 Branch SRX Platform Overview 
 High End SRX Platform Overview
 SRX Traffic Flow and Distribution
 SRX Interfaces 


This course is a part of following certificates:


Event From To Location
AJSEC November 6, 2017 November 10, 2017 Virtual Classroom Enroll