Juniper Networks Design – Security (JND-SEC)

Overview

This five-day course is designed to cover best practices, theory, and design principles for security design. The course includes traditional and modern security principles such as security design specifics for campus and branch, enterprise wide area network (WAN), service provider WAN, and data center deployments. This course will also include design principles for security management, automation, and virtualization.

Target Audience

This course is targeted specifically for those who have a solid understanding of operation and configuration and are looking to enhance their skill sets by learning the principles of security design.

Prerequisites

The following are the prerequisites for this course:
  • Knowledge of network security concepts, including:
  • Traditional and next-generation firewalls.
  • IPsec VPNs.
  • Network Address Translation (NAT).
  • Security intelligence.
  • Knowledge of Juniper Networks products and solutions.
  • Network automation and virtualization concepts.
  • Basic knowledge of hypervisors and high availability concepts.
  • Completion of the Juniper Networks Design Fundamentals (JNDF) course.

Course Objectives

After successfully completing this course, you should be able to:

  • Describe high level security concepts about the different design architectures.
  • Explain the value of implementing security solutions in any network design.
  • Identify key factors in Juniper Networks security focus.
  • List and describe the security platforms and solutions offered by Juniper Networks.
  • Describe the steps required to identify customer security requirements.
  • Explain what is required to define the scope of the security design.
  • Identify the data required to perform a data analysis of the customer’s existing network and use that information in the design.
  • Describe traditional security practices used to secure a network.
  • Explain the added capabilities that next-generation firewalls provide.
  • Describe recent security trends and explain how these trends effect network design.
  • Describe intelligent networks.
  • Explain how security intelligence improves security in network design.
  • Describe security in the campus and the branch.
  • Discuss best practices for security in the campus and branch.
  • Describe security in the enterprise WAN.
  • Discuss security best practices for the enterprise WAN.
  • Describe security in the service provider WAN.
  • Discuss security best practices for the service provider WAN.
  • Identify security challenges in data centers.
  • Describe security design principles and elements.
  • Describe how to simplify data center security.
  • Identify security management challenges.
  • Describe how to secure individual network devices.
  • Describe the benefits of centralized security management.
  • Describe Juniper automation solutions.
  • Discuss the benefits of security automation.
  • Describe how security works in a virtualized environment.
  • Understand the benefits of service chaining.
  • Understand how VMware NSX works in a virtualized environment.
  • Describe the benefits of high availability with security devices.
  • Discuss how to handle asymmetrical traffic with security devices.
  • Describe how to design an SRX chassis cluster deployment.

Course Outline

Day 1

Chapter 1: Introduction

Chapter 2: Security in Network Design

  • Why Security in Network Design?
  • The Value of Security
  • Juniper's Security Focus
  • Knowledge is King

Chapter 3: Assessing Security in Network Design

  • Customer Security Requirements
  • Customer Scope
  • Data Analysis

Chapter 4: Traditional Security Architectures

  • Traditional Security Practices
  • NAT
  • IPsec VPNs
  • Next Generation Firewalls
  • Security Trends
  • Lab: Designing a Traditional Security Architecture

Day 2

Chapter 5: Modern Security Principles

  • Designing an Intelligent Network
  • Security Intelligence Case Studies
  • Modularity in Security Design
  • Lab: Designing for Security Intelligence

Chapter 6: Managing Security

  • Security Management Challenges
  • Securing Individual Devices
  • Centralized Security Management
  • Lab: Security Management

Day 3

Chapter 7: Automating Security

  • Automating the Network
  • Security Automation Benefits
  • Lab: Security Automation

Chapter 8: Virtualizing Security

  • Security in a Virtualized Environment
  • Implementing SDN
  • Network Virtualization with VMware NSX
  • Lab: Virtualizing Security

Day 4

Chapter 9: Providing High Availability in Security Design

  • Benefits of High Availability with Security Devices
  • Implementing Physical High Availability
  • Assymmetrical Traffic Handling
  • SRX Chassis Clustering
  • Lab: High Availability

Chapter 10: Security the Campus and the Branch

  • Security in the Campus
  • Best Practices and Considerations
  • Case Studies and Example Architectures
  • Lab: Designing for Campus and Branch Security

Chapter 11: Securing the Enterprise WAN

  • Security in the Enterprise WAN
  • Best Practices and Considerations
  • Case Studies and Example Architectures
  • Lab: Designing for Enterprise WAN Security

Day 5

Chapter 12: Securing the Service Provider WAN

  • Security in the Service Provider WAN
  • Best Practices and Considerations
  • Case Studies and Example Architectures
  • Lab: Designing for Service Provider WAN Security

Chapter 13: Securing the Data Center

  • Overview of Data Center Security
  • Security Elements
  • Simplifying Security in the Data Center
  • Security Enforcement Layers
  • Lab: Designing for Data Center Security

SLI Main Menu