Global Knowledge

Juniper Networks Design Security

Par Global Knowledge

Objectifs

  • After successfully completing this course, you should be able to:
  • Identify high level security challenges with different design architectures.
  • Explain the value of implementing security solutions in any network design.
  • Identify key factors in Juniper Networks security focus.
  • List and describe the security platforms and solutions offered by Juniper Networks.
  • Perform the steps necessary to identify customer security requirements.
  • Explain what is required to define the scope of the security design.
  • Identify the data required to perform a data analysis of the customer’s existing network and use that information in the design.
  • Describe traditional security practices used to secure a network.
  • Explain the added capabilities that next generation firewalls provide.
  • Explain the evolution of modern security models.
  • Describe intelligent networks.
  • Explain how Software-Defined Secure Networking improves security in network design.
  • Explain the need for centralized Security Management.
  • Describe what Junos Space Security Director can do to manage network security.
  • Describe the function of Juniper Secure Analytics in managing network security.
  • List the main components of the Juniper Automation Stack.
  • Explain Juniper Networks automation solutions.
  • Describe the benefits of automating security.
  • Describe how security works in a virtualized environment.
  • Explain the benefits of service chaining.
  • Describe Juniper Virtual SRX and Container SRX products.
  • Describe network virtualization with VMware NSX.
  • Describe the benefits of HA with security devices.
  • Discuss how to handle asymmetric traffic with security devices.
  • Describe different options for SRX chassis cluster deployments.
  • Describe the main security concerns for the campus and the branch networks.
  • Explain end-to-end security concepts.
  • Describe security functions at different network layers.
  • Explain network authentication and access control concepts.
  • Describe common campus and branch network security design examples.
  • Describe security considerations for the enterprise WAN.
  • Explain when to use IPsec and NAT in the enterprise WAN.
  • Explain virtual router applications for the enterprise WAN.
  • Discuss security best practices in the enterprise WAN.
  • Describe security in the service provider WAN.
  • Discuss security best practices for the service provider WAN.
  • Discuss the security requirements and design principles of the data center.
  • Describe the security elements of the data center.
  • Explain how to simplify security in the data center.
  • Discuss the security enforcement layers in the data center.

Programme

  • Chapter 1: Course Introduction
  • Chapter 2:Security in Network Design
  • The Value of Security in Network Design
  • Juniper's Security Focus
  • Chapter 3: Assessing Security in Network Design
  • Overview
  • Customer Security Requirements
  • Customer Scope
  • Data Analysis
  • Chapter 4: Traditional Security Architectures
  • Traditional Security Practices
  • NAT
  • IPsec VPNs
  • Next Generation Firewalls
  • Unified Threat Management
  • Lab: Designing a Traditional Security Architecture
  • Chapter 5: Modern Security Principles
  • Modern Security Model
  • Designing an Intelligent Network
  • Use Cases
  • Modularity in Security Design
  • Lab: Designing for Security Intelligence
  • Chapter 6: Managing Security
  • Security Management Challenges
  • Junos Space Security Director
  • Juniper Secure Analytics
  • Lab: Security Management
  • Chapter 7: Automating Security
  • Automating Security Introduction
  • Juniper Automation Stack
  • Juniper Automation Tools
  • Automating Security
  • Lab: Automating Security
  • Chapter 8: Virtualizing Security
  • Security in a Virtualized Environment
  • Virtual SRX
  • Security with SDN and NFV
  • Container SRX
  • Network Virtualization with VMware NSX
  • Lab: Virtualizing Security
  • Chapter 9: Providing High Availability in Security Design
  • Benefits of High Availability with Security Devices
  • Implementing Physical High Availability
  • Asymmetrical Traffic Handling
  • SRX Chassis Clustering
  • Lab: High Availability
  • Chapter 10: Securing the Campus and Branch
  • Campus and Branch Security: An Overview
  • Network Segmentation and Perimeter Security
  • Application-Level Security
  • Access Control and Authentication
  • Layer 2 Security Functions
  • Case Studies and Example Architectures
  • Lab: Designing for Campus and Branch Security
  • Chapter 11: Securing the Enterprise WAN
  • Security in the Enterprise WAN: An Overview
  • Best Practices and Considerations
  • Case Studies and Example Architectures
  • Lab: Designing for Enterprise WAN Security
  • Chapter 12: Securing the Service Provider WAN
  • Security in the Service Provider WAN: An Overview
  • Best Practices and Considerations
  • Case Studies and Example Architectures
  • Lab: Designing for Service Provider WAN Security
  • Chapter 13: Securing the Data Center
  • Overview of Data Center Security
  • Security Elements
  • Simplifying Security in the Data Center
  • Advanced Data Center Security
  • Lab: Securing the Data Center
  • Appendix A: Juniper Security Solutions
  • Security Products and Solutions