JNCIP-SEC Security Certification Boot Camp

Course ID


Course Description

In this hands-on course, you will prepare for your JNCIP-SEC certification by experiencing both the JIPS and AJSEC courses. You will learn the concepts, ideas, and terminology relating to providing intrusion prevention using the SRX Series platform. Hands-on labs provide you with the opportunity to configure various IPS features and to test and analyze those functions. And through the AJSEC portion you will go deeper into Junos security with advanced coverage of IPsec deployments, virtualization, high availability, advanced Network Address Translation (NAT) deployments, and Layer 2 security with Juniper Networks SRX Series Services Gateways. Through demonstrations and hands-on labs, you will gain experience configuring and monitoring advanced security features of the Junos operating system. The hands-on labs will also provide you with an introduction to the Intrusion Prevention System (JIPS) feature set available on the Juniper Networks SRX Series Services Gateway.


  • Introduction to the Junos Operating System (IJOS)
  • Junos Routing Essentials (JRE)

  • Audience

    Network technicians and engineers responsible for configuring and monitoring the IPS aspects of SRX Series devices, and implementing, monitoring, and troubleshooting Junos security components

    Course Content

  • Types of intrusions and network penetration steps
  • How to access the SRX Series Services Gateways with IPS functionality for configuration and management
  • How to configure the SRX Series Services Gateways for IPS functionality
  • Steps that the IPS engine takes when inspecting packets
  • Components of IPS rules and rulebases
  • Types of signature-based attacks
  • Uses of custom signatures and how to configure them
  • How scanning can be used to gather information about target networks
  • Configure screens to block various scan types
  • Commonly used evasion techniques and how to block them
  • Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks
  • Mechanisms available on the SRX Series device to detect and block DoS and DDoS attacks
  • Configure screens to block DoS and DDoS attacks
  • Reporting capabilities available for IPS functionality
  • Terms and concepts related to intrusion prevention
  • Functions and features available on the SRX Series platform that provide IPS functionality
  • Configure fundamental IPS features and functions on an SRX240 device
  • Security supported by the Junos OS
  • Junos security handling at Layer 2 vs. Layer 3
  • Placement and traffic distribution of the various components of SRX devices
  • Configure, utilize, and monitor the various interface types available to the SRXSeries product line
  • Junos OS processing of Application Layer Gateways (ALGs)
  • Alter the Junos default behavior of ALG and application processing
  • Implement address books with dynamic addressing
  • Compose security policies utilizing ALGs, custom applications, and dynamic addressing for various scenarios
  • Junos debugging tools to analyze traffic flows and identify traffic processing patterns and problems
  • Junos routing instance types used for virtualization
  • Implement virtual routing instances
  • Configure route sharing between routing instances using logical tunnel interfaces
  • Implement selective packet-based forwarding
  • Implement filter-based forwarding
  • Implement static, source, destination, and dual NAT in complex LAN environments
  • Implement variations of cone or persistent NAT
  • Interaction between NAT and security policy
  • Implement optimized chassis clustering IP version 6 (IPv6) support for chassis clusters
  • Differentiate and configure standard point-to-point IP Security (IPsec) virtual private network (VPN) tunnels, hub-and-spoke VPNs, dynamic VPNs, and group VPNs
  • Implement OSPF over IPsec tunnels and utilize generic routing encapsulation (GRE) to interconnect to legacy firewalls
  • Monitor the operations of the various IPsec VPN implementations
  • Public key cryptography for certificates
  • Junos tools for troubleshooting Junos security implementations
  • Perform successful troubleshooting of some common Junos security issues
  • For More Information

    For training inquiries, call 850-308-1376

    or email us at eramos@gbsi.com

    Course Details

    Duration - 5 days
    Price - $3895.00 USD

    (Discounts may apply. Call for more information.)

    Course Actions

    Acceletrain Collaborative Learning Environment (formerly know as VILT) places industry certified and expert instructors, peers, learners and multi-media components into a "borderless classroom", and interactive learning environment that can span multiple physical locations. VILT combines the benefits of the traditional brick-and-mortar classroom with innovative learning techniques and the cost savings of internet-based training.