Juniper Service Provider Edge Security
- Duration: 3 Days (24 Hours)
Highlights
- Certified Trainers
- Practice Labs
- Digital Courseware
- Access to the Recordings
- Experience 24*7 Learner Support.
Download Course Brochure
Juniper Service Provider Edge Security Training Course Overview
In this three-day course, participants explore edge security concepts tailored for service provider networks. The curriculum delves into 5G network security on primary GPRS interfaces and covers deploying SRX Series devices across various service provider network segments. Key topics include the implementation of CGNAT, DDoS mitigation, malware inspection, command-and-control prevention, IPsec tunnels, 5G security considerations, control plane hardening, and BGP security measures. Through hands-on labs and demonstrations, students gain practical experience in configuring, testing, and troubleshooting the Junos OS. The course aligns with Junos OS 21.1R1.11.
Intended Audience For Juniper Service Provider Edge Security Training
- Network Security Professionals
- Service Provider Network Engineers
- Network Administrators
- Security Administrators
- IT Professionals involved in Service Provider Edge Security
- Individuals responsible for designing, implementing, and managing security measures in service provider networks.
Learning objectives for the Juniper Service Provider Edge Security training course
- Define the general security architecture for 4G and 5G networks.
- Configure data plane security protections.
- Explain DoS and DDoS attacks.
- Describe BGP Flowspec in protecting against DDoS attacks.
- Explain the Corero solution for DDoS attacks.
- Describe the use of stateful firewalls.
- Explain the use of ALGs in stateful security firewalls.
- Explain how to secure BGP on Junos devices.
- Describe how to use IPsec to secure traffic.
- Explain the new IoT threat to networks.
- Describe AutoVPN IPsec architectures.
- Explain the use and configuration of CGNAT on SRX Series devices.
Enquire Now
Benefits of taking the Juniper Service Provider Edge Security training
- Specialized Service Provider Focus: Tailored for professionals working in service provider environments, the training provides a specialized focus on security aspects relevant to service provider edge networks.
- 5G Network Security: Gain insights into security considerations for 5G networks, addressing the unique challenges and requirements of next-generation mobile networks.
- SRX Series Configuration: Acquire hands-on experience in configuring, testing, and troubleshooting Juniper Networks SRX Series devices, which are widely used in service provider networks.
- CGNAT Implementation: Learn to implement Carrier-Grade Network Address Translation (CGNAT), a crucial technology for managing IPv4 address shortages in service provider networks.
- DDoS Mitigation: Understand Distributed Denial of Service (DDoS) attack mitigation techniques and strategies, enhancing your ability to protect service provider networks from malicious traffic.
- Malware Inspection: Explore methods for inspecting and mitigating malware within service provider networks, ensuring the security of customer traffic.
- Command-and-Control Prevention: Learn about measures to prevent command-and-control (C2) attacks, enhancing the overall security posture of service provider edge environments.
- IPsec Tunnels: Gain proficiency in configuring and managing IPsec tunnels, an essential component for securing communication between network elements in a service provider context.
- Control Plane Hardening: Understand and implement control plane hardening techniques, securing the critical control plane infrastructure of service provider networks.
- BGP Hardening: Explore strategies for hardening the Border Gateway Protocol (BGP), a foundational protocol in service provider networks, against potential security threats.
- Configuration, Testing, and Troubleshooting: Acquire practical skills through hands-on labs, allowing you to configure, test, and troubleshoot security features in a realistic environment.
- Aligned with Junos OS 21.1R1.11: Stay up-to-date with the latest Junos OS release, ensuring that your skills are aligned with the most recent advancements and features.
- Enhanced Security Expertise: Deepen your expertise in service provider edge security, making you a valuable asset for organizations looking to strengthen their network security measures.
- Preparation for Certifications: Prepare for relevant Juniper certifications related to service provider security, demonstrating your proficiency in securing networks in a service provider context.
- Career Advancement: Differentiate yourself in the job market by acquiring specialized skills in service provider edge security, opening up opportunities for career advancement in the service provider domain.
Juniper Service Provider Edge Security Training Course Modules
Module 1: Course Introduction
- Overview of the course objectives and structure.
Module 2: Security Challenges for Service Providers
- Describing limitations of security devices
- Describing DDoS attack threats
- Describing BGP security threats
- Explaining IP address depletion challenges
- Describing 5G security challenges
Module 3: Juniper Networks Solutions for Service Providers
- Describing Juniper Networks’ security solutions for service provider challenges
Module 4: Stateful Firewalls
- Describing stateless firewall filters
- Describing stateful firewall policies
- Describing screens and ALGs
- Explaining asymmetrical routing
- Lab 1: Configure Stateful Firewalls
Module 5: 5G Architecture using SRX Series Devices
- Describing security insertion points
- Describing 5G network evolution
Module 6: DDoS Protection
- Explaining DDoS history and common protections
- Describing SRX DDoS protection
- Describing BGP FlowSpec
- Describing Corero with MX DDoS protection
- Lab 2: DDoS Protection
Module 7: Carrier-Grade NAT
- Explaining IPv4 address exhaustion
- Describing Source NAT
- Describing CGNAT
- Describing NAT64
- Lab 3: CGNAT
Module 8: Juniper Connected Security for Service Providers
- Explaining Juniper Connected Security
- Describing SecIntel feeds
- Describing a use case for IoT protection
- Lab 4: Implementing Juniper Connected Security
Module 9: IPsec Overview
- Describing the IPsec and IKE protocols
- Configuring site-to-site IPsec VPNs
- Describing and configuring Proxy IDs and Traffic selectors
- Monitoring site-to-site IPsec VPNs
- Describing IPsec use with gNodeB devices
- Lab 5: Site-to-Site IPsec VPN
Module 10: Scaling IPsec
- Describing and implementing PKI certificates in Junos OS
- Describing AutoVPN
- Describing SecGW firewall use case for scaling IPsec
- Lab 6: Configuring AutoVPN
Module 11: GPRS and GTP
- Describing how to secure GTP tunnels
- Describing the GPRS protocol
- Describing the GTP
- Explaining how Roaming Firewall secures GTP
Module 12: SCTP
- Describing the SCTP
Module 13: Securing the Control Plane
- Explaining how to secure the control plane on Junos devices
- Describing how the loopback filter works to secure the control plane
- Explaining how to protect the control plane from DDoS attacks
- Describing how to secure the IGP against attacks
- Lab 7: Configure Control Plane Protections
Module 14: Securing the BGP
- Describing how to secure the BGP
- Describing BGP security features
- Describing BGP dampening
- Lab 8: Configure BGP Protections
Juniper Service Provider Edge Security Training Course Prerequisites
- Intermediate level of TCP/IP networking and security knowledge
- Attend the Introduction to Juniper Security (IJSEC) course before attending this class
Discover the perfect fit for your learning journey
Choose Learning Modality For Juniper Service Provider Edge Security Training
Live Online
- Convenience
- Cost-effective
- Self-paced learning
- Scalability
Classroom
- Interaction and collaboration
- Networking opportunities
- Real-time feedback
- Personal attention
Onsite
- Familiar environment
- Confidentiality
- Team building
- Immediate application
Don’t Just Take Our Word for It
Read what our satisfied clients have to say about their transformative experiences
Got more questions? We’re all ears and ready to assist!