Juniper Service Provider Edge Security -

Juniper Service Provider Edge Security

Duration: 3 Days (24 Hours)

Highlights

Certified Trainers
Practice Labs
Digital Courseware
Access to the Recordings
Experience 24*7 Learner Support.

Download Course Brochure

Overview

Course Details

Prerequisites

Juniper Service Provider Edge Security Training Course Overview

In this three-day course, participants explore edge security concepts tailored for service provider networks. The curriculum delves into 5G network security on primary GPRS interfaces and covers deploying SRX Series devices across various service provider network segments. Key topics include the implementation of CGNAT, DDoS mitigation, malware inspection, command-and-control prevention, IPsec tunnels, 5G security considerations, control plane hardening, and BGP security measures. Through hands-on labs and demonstrations, students gain practical experience in configuring, testing, and troubleshooting the Junos OS. The course aligns with Junos OS 21.1R1.11.

Intended Audience For Juniper Service Provider Edge Security Training

Network Security Professionals
Service Provider Network Engineers
Network Administrators
Security Administrators
IT Professionals involved in Service Provider Edge Security
Individuals responsible for designing, implementing, and managing security measures in service provider networks.

Learning objectives for the Juniper Service Provider Edge Security training course

Define the general security architecture for 4G and 5G networks.
Configure data plane security protections.
Explain DoS and DDoS attacks.
Describe BGP Flowspec in protecting against DDoS attacks.
Explain the Corero solution for DDoS attacks.
Describe the use of stateful firewalls.
Explain the use of ALGs in stateful security firewalls.
Explain how to secure BGP on Junos devices.
Describe how to use IPsec to secure traffic.
Explain the new IoT threat to networks.
Describe AutoVPN IPsec architectures.
Explain the use and configuration of CGNAT on SRX Series devices.

Enquire Now

Benefits of taking the Juniper Service Provider Edge Security training

Specialized Service Provider Focus: Tailored for professionals working in service provider environments, the training provides a specialized focus on security aspects relevant to service provider edge networks.
5G Network Security: Gain insights into security considerations for 5G networks, addressing the unique challenges and requirements of next-generation mobile networks.
SRX Series Configuration: Acquire hands-on experience in configuring, testing, and troubleshooting Juniper Networks SRX Series devices, which are widely used in service provider networks.
CGNAT Implementation: Learn to implement Carrier-Grade Network Address Translation (CGNAT), a crucial technology for managing IPv4 address shortages in service provider networks.
DDoS Mitigation: Understand Distributed Denial of Service (DDoS) attack mitigation techniques and strategies, enhancing your ability to protect service provider networks from malicious traffic.
Malware Inspection: Explore methods for inspecting and mitigating malware within service provider networks, ensuring the security of customer traffic.
Command-and-Control Prevention: Learn about measures to prevent command-and-control (C2) attacks, enhancing the overall security posture of service provider edge environments.
IPsec Tunnels: Gain proficiency in configuring and managing IPsec tunnels, an essential component for securing communication between network elements in a service provider context.
Control Plane Hardening: Understand and implement control plane hardening techniques, securing the critical control plane infrastructure of service provider networks.
BGP Hardening: Explore strategies for hardening the Border Gateway Protocol (BGP), a foundational protocol in service provider networks, against potential security threats.
Configuration, Testing, and Troubleshooting: Acquire practical skills through hands-on labs, allowing you to configure, test, and troubleshoot security features in a realistic environment.
Aligned with Junos OS 21.1R1.11: Stay up-to-date with the latest Junos OS release, ensuring that your skills are aligned with the most recent advancements and features.
Enhanced Security Expertise: Deepen your expertise in service provider edge security, making you a valuable asset for organizations looking to strengthen their network security measures.
Preparation for Certifications: Prepare for relevant Juniper certifications related to service provider security, demonstrating your proficiency in securing networks in a service provider context.
Career Advancement: Differentiate yourself in the job market by acquiring specialized skills in service provider edge security, opening up opportunities for career advancement in the service provider domain.

Juniper Service Provider Edge Security Training Course Modules

Module 1: Course Introduction

Overview of the course objectives and structure.

Module 2: Security Challenges for Service Providers

Describing limitations of security devices
Describing DDoS attack threats
Describing BGP security threats
Explaining IP address depletion challenges
Describing 5G security challenges

Module 3: Juniper Networks Solutions for Service Providers

Describing Juniper Networks’ security solutions for service provider challenges

Module 4: Stateful Firewalls

Describing stateless firewall filters
Describing stateful firewall policies
Describing screens and ALGs
Explaining asymmetrical routing
Lab 1: Configure Stateful Firewalls

Module 5: 5G Architecture using SRX Series Devices

Describing security insertion points
Describing 5G network evolution

Module 6: DDoS Protection

Explaining DDoS history and common protections
Describing SRX DDoS protection
Describing BGP FlowSpec
Describing Corero with MX DDoS protection
Lab 2: DDoS Protection

Module 7: Carrier-Grade NAT

Explaining IPv4 address exhaustion
Describing Source NAT
Describing CGNAT
Describing NAT64
Lab 3: CGNAT

Module 8: Juniper Connected Security for Service Providers

Explaining Juniper Connected Security
Describing SecIntel feeds
Describing a use case for IoT protection
Lab 4: Implementing Juniper Connected Security

Module 9: IPsec Overview

Describing the IPsec and IKE protocols
Configuring site-to-site IPsec VPNs
Describing and configuring Proxy IDs and Traffic selectors
Monitoring site-to-site IPsec VPNs
Describing IPsec use with gNodeB devices
Lab 5: Site-to-Site IPsec VPN

Module 10: Scaling IPsec

Describing and implementing PKI certificates in Junos OS
Describing AutoVPN
Describing SecGW firewall use case for scaling IPsec
Lab 6: Configuring AutoVPN

Module 11: GPRS and GTP

Describing how to secure GTP tunnels
Describing the GPRS protocol
Describing the GTP
Explaining how Roaming Firewall secures GTP

Module 12: SCTP

Describing the SCTP

Module 13: Securing the Control Plane

Explaining how to secure the control plane on Junos devices
Describing how the loopback filter works to secure the control plane
Explaining how to protect the control plane from DDoS attacks
Describing how to secure the IGP against attacks
Lab 7: Configure Control Plane Protections

Module 14: Securing the BGP

Describing how to secure the BGP
Describing BGP security features
Describing BGP dampening
Lab 8: Configure BGP Protections

Juniper Service Provider Edge Security Training Course Prerequisites

Intermediate level of TCP/IP networking and security knowledge
Attend the Introduction to Juniper Security (IJSEC) course before attending this class

Discover the perfect fit for your learning journey

Choose Learning Modality For Juniper Service Provider Edge Security Training

Live Online

Convenience
Cost-effective
Self-paced learning
Scalability

Classroom

Interaction and collaboration
Networking opportunities
Real-time feedback
Personal attention

Onsite

Familiar environment
Confidentiality
Team building
Immediate application

Don’t Just Take Our Word for It

Read what our satisfied clients have to say about their transformative experiences

Got more questions? We’re all ears and ready to assist!