he Juniper Networks Certified Specialist Security (JNCIS-SEC) certification track allows you to show core competency with general Juniper Networks security technology and the Junos software for SRX Series devices. In this CBT Nugget series from security expert Michael J. Shannon, you will explore: SRX appliance essentials, security zones, SCREEN options, security policy, NAT and PAT, IPSec VPNs, high availability clustering options, IDP, firewall user authentication, an introduction to UTM, anti-spam filtering, anti-virus protection, content and web filtering, and more.
Note: Nuggetlab files and/or Virtual Nugget Labs referenced in videos are not available until the entire series is complete.
Subscribe now for access to all videos as they're created.
Title Duration 1
Introduction to the Juniper SRX
This first Nugget of the Juniper Networks JNCIS-SEC series answers the question: What is a firewall system? Next, you will get a bit of history of what led up to the Juniper SRX security gateway product line. Then, you will look at the SRX as a branch/remote/retail office security gateway solution along with the related features. Finally, you will go on a web safari to find out about the SRX product line. 00:27:12 2
Junos CLI for the SRX
We need to establish core competency with the Junos CLI early on in order to establish a baseline for the remainder of the JNCIS-SEC series. This Nugget is will function as either a refresher for the earlier JNCIA Nugget series from Michael - or as a Junos CLI Primer for those who are new to Junos or perhaps migrating rapidly from a Cisco (or other vendor) security solution. This Nugget will be the first of many hands-on, real-world Nuggets in this series. 00:38:09 3
SRX Interface and Zone Basics
This Nugget covers the differences between classic firewalls and zone-based firewalls. We also define zones; examine packet flow through a SRX; explore interface basics; and review edit/show commands. 00:35:39 4
Configuring Remote Access to the SRX
We must first explore the SRX factory default configuration - in anticipation of configuring remote access connectivity to the security device. We will configure the interfaces and zones that were discussed in the previous Nugget. Next, we will configure system services like telnet, SSH, and HTTPS. We will confirure a default route as well. Finally, we will look at cennecting to and configuring the SRX with J-Web. 00:37:05 5
Administrative Access Control
This Nugget focuses on the fundamentals of administrative access to the SRX including local users and classes, custom classes, configuring the SRX to use a RADIUS server, demonstarting a possible scenario on a AAA authentication server. 00:38:22 6
System and Network Management
Every Juniper device, including the SRX, needs to have basic system and network management functionality configured early on in the deployment lifecycle. In this Nugget you will learn how to configure four key management services: NTP, DNS, SNMP, and Syslog. 00:38:22 7
Security Policy Basics (Part 1)
Here we will build a strong conceptual foundation for one of the most vital components of the SRX Security Gateway - security policy. You will learn the basic components of security policies (firewall rules), the syntax and logic of the policy, policy flow, and finishing up with address books and address sets. 00:30:53 8
Security Policy Basics (Part 2)
This second part of security policies will look at "Policy in Action." We will explore several real-world case studies that apply fundamental security policies in various scenarios. 00:40:27 9
Security Policy Basics (Part 3)
In this final Nugget on security policy, we take up where part two left off with a proof-of-concept demonstration of a denial policy. Then you will go deeper into syslog with the SRX as you learn how to send data to the Security Threat Response Monitor (STRM). Finally, you will learn methods for performing queries on existing log files and troubleshooting with TraceOptions. 00:29:01 10
NAT - Network Address Translation
Network Address Translation is a method for dealing with IPv4 address space depletion as well as a way to hide the addressing scheme of your security zones. This Nugget defines this important feature and describes the three major types of NAT supported on th SRX. You will also see configuration examples of Source NAT to the interface and a NAT pool. 00:36:16 11
IPsec VPN (Part 1)
Before we explore the vital function of virtual private netwotking on the SRX we must learn the fundamentals of VPNs, the various topologies and flavors, as well as how IPsec operates in a universal way. These concepts will be mastered before diving in to the IPsec distinctives on the Juniper SRX. 00:43:28 12 Video under review 00:00:00 13 Video under review 00:00:00 14 Video under review 00:00:00 15 Video under review
Edited by saqibafzal, 26 November 2012 - 06:18 PM.