Juniper Service Provider Edge Security (JSPES)
This three-day course discusses edge security concepts for the service provider network. It concerns security for 5G networks on the primary GPRS interfaces. Key topics include deploying an SRX Series device in different parts of the service provider network, implementing CGNAT, DDoS, malware inspection, comm&-&-control prevention, IPsec tunnels, 5G security, control plane hardening, & BGP hardening. Students will gain experience configuring, testing, & troubleshooting the Junos OS through demonstrations & hands-on labs. This course is based on Junos OS 21.1R1.11.
Duration: 4 Days (24 Hours)
- Define the general security architecture for 4G & 5G networks.
- Configure data plane security protections.
- Explain DoS & DDoS attacks.
- Explain BGP Flowspec in protecting against DDoS attacks.
- Explain the Corero solution for DDoS attacks.
- Explain the use of stateful firewalls.
- Explain the use of ALGs in stateful security firewalls.
- Explain how to secure BGP on Junos devices.
- Explain how to use IPsec to secure traffic.
- Explain the new IoT threat to networks.
- Explain AutoVPN IPsec architectures.
- Explain the use & configuration of CGNAT on SRX Series devices.
- Intermediate level of TCP/IP networking & security knowledge
- Attend the Introduction to Juniper Security (IJSEC) course before attending this class
This course benefits those responsible for implementing, monitoring, & troubleshooting Juniper security components.
Module 1: Course Introduction
Module 2: Security Challenges for Service Providers
- Explain the limitations of security devices
- Explain DDoS attack threats
- Explain BGP security threats
- Explain IP address depletion challenges
- Explain 5G security challenges
Module 3: Juniper Networks Solutions for Service Providers
- Explain Juniper Networks’ security solutions for the service provider challenges
Module 4: Stateful Firewalls
- Explain stateless firewall filters
- Explain stateful firewall policies
- Explain screens & ALGs
- Explain asymmetrical routing
- Configure Stateful Firewalls
Module 5: 5G Architecture using SRX Series Devices
- Explain security insertion points
- Explain the 5G network evolution
Module 6: DDoS Protection
- Explain DDoS history & common protections
- Explain SRX DDoS protection
- Explain BGP FlowSpec
- Explain Corero with MX DDoS protection
- DDoS Protection
Module 7: Carrier-Grade NAT
- Explain IPv4 address exhaustion
- Explain the Source NAT
- Explain CGNAT
- Explain NAT64
Module 8: Juniper Connected Security for Service Providers
- Explain Juniper Connected Security
- Explain SecIntel feeds
- Explain a use case for IoT protection
- Implementing Juniper Connected Security
Module 9: IPsec Overview
- Explain the IPsec & IKE protocols
- Configure site-to-site IPsec VPNs
- Explain & configure Proxy IDs & Traffic selectors
- Monitor site-to-site IPsec VPNs
- Explain IPsec use with good devices
- Site-to-Site IPsec VPN
Module 10: Scaling IPsec
- Explain & implement PKI certificates in Junos OS
- Explain AutoVPN
- Explain the SecGW firewall use case for scaling IPsec
- Configuring AutoVPN
Module 11: GPRS & GTP
- Explain how to secure GTP tunnels
- Explain the GPRS protocol
- Explain the GTP
- Explain how Roaming Firewall secures GTP
Module 12: SCTP
- Explain the SCTP
- Video about Implementing the Roaming Firewall (Demo)
Module 13: Securing the Control Plane
- Explain how to secure the control plane on Junos devices
- Explain how the loopback filter works to secure the control plane
- Explain how to protect the control plane from DDoS attacks
- Explain how to secure the IGP against attacks
- Configure Control Plane Protections
Module 14: Securing the BGP
- Explain how to secure the BGP
- Explain BGP security features
- Explain BGP dampening
- Configure BGP protections
Q: What is Edge Security?
A: Edge security is the application of security practices at network nodes outside the network core. The edge requires the same fundamental security features as the core network: The whole network must be visible to administrators. Those administrators must use automated monitoring tools.
Q: Who will be the instructor of the training program?
A: Radiant Techlearning has a large pool of in-house certified trainers & consultants with strong backgrounds & working experience in the technology.
Radiant Techlearning offers more than 800+ courses & for each class, Radiant has identified best-in-class instructors.
Radiant has highly intensive selection criteria for Technology Trainers & Consultants who deliver training programs. Our trainers & consultants undergo rigorous technical &behavioral interviews & assessment processes before they board the company.
Our Technology experts/trainers & consultants carry deep-dive knowledge in the technical subject & are certified by the OEM. Our faculty will provide you with the ability of each course from the fundamental level in an easy way & you are free to ask your doubts any time your respective faculty.
Our trainers have patience & ability to explain complex concepts simplistically with depth & width of knowledge.
Q: How will the training be delivered or conducted?
A: Radiant Telelearning offers customized training delivery solutions for individuals, teams & businesses depending on their requirements. Here is how we assist each one through our diverse formats.
Dedicated Classroom Training program
Onsite: To meet the needs & expectations of our corporate clients worldwide, our expert will travel to your location to deliver the training program at a premise of your choice & convenience.
Offsite: Our clients & Individual professionals across the world travel to India to attend our classroom training sessions. We assist them with services like accommodation, Airport picks & drop, daily cab & Visa assistance.
Public Batches: Corporates & Individual professionals across the world can nominate their employees or themselves in our classroom or online public batches. Our public collections would have a limited number of participants to ensure individual attention. As the participants are from different backgrounds & companies, you learn from everyone’s experience.
On-the-Job Learning: Our team of consultants would assist you in executing end-to-end projects & simultaneously learning the technology.
Q: What are the various learning options or training modes available?
A: Radiant Telelearning offers customized solutions & training programs for individuals, teams & businesses depending on their requirements. Here is how we assist each one through our diverse formats.
Individuals / One-O-One Training
- Focused learning sessions
- Programmed scheduling according to your choice
- Get personalized attention
- Choose what technology interests you
Teams: Enroll for our Classroom or online Public Batches
- Get our specialized updated content for different skill levels
- Get on-dem& learning & solve problems quickly
Q: What is the schedule of the training program?
A: Radiant Telelearning offers training programs on weekdays, weekends & a combination of weekdays & weekends. You can always choose the schedule that best suits your need.