JNCIS Security Certification Boot Camp (JSEC, JUTM) · 2017. 5. 18. · JSEC-JUTM [email protected] 01189 123456 JNCIS Security Certification Boot Camp (JSEC, JUTM) Duration:

JSEC-JUTM www.globalknowledge.co.uk [email protected] 01189 123456

JNCIS Security Certification Boot Camp (JSEC, JUTM)

Duration: 4 Days Course Code: JSEC-JUTM

Overview:

Learn to configure and monitor SRX Series devices while preparing for the JNCIS-SEC exam in this accelerated Boot Camp.In this accelerated Boot Camp, you will gain the knowledge needed to succeed on the Juniper Networks Certified Internet Specialist - Security(JNCIS-SEC) exam, and you will gain hands-on experience configuring and monitoring the Junos OS for SRX Series devices.During the first half of class, you will review SRX Series Services Gateway configuration, operation, and implementation in a typical networkenvironment. Key topics include security zones, security policies, intrusion detection and prevention (IDP), Network Address Translation (NAT),High Availability (HA) clusters, and basic implementation, configuration, and management.In the second half, you will cover web filtering, antivirus (AV), anti-spam, and content filtering. Also, through demonstrations and hands-on labs,you will gain experience configuring and monitoring the Unified Threat Management (UTM) features of the Junos OS.

Target Audience:

Network engineers, administrators, support personnel, and reseller support personnel using SRX Series devices Anyone seeking JNCIS-SECcertification.

Objectives:

After successfully completing this course, you should be able to:

Describe traditional routing and security and the current trends in List the SRX Series Services Gateways hardware devices on whichinternetworking. UTM is available.

Provide an overview of SRX Series devices and software Describe the UTM features that require specific licenses.architecture.

Define terms used in the creation of effective antispam UTMDescribe the logical packet flow and session creation performed policies.by SRX Series devices.

Describe the process by which UTM examines traffic for spam.Describe, configure, and monitor zones.

Describe the overall process of configuring an antispam UTM policy.Describe, configure, and monitor security policies.

Describe the kinds of information available from the device when itDescribe, configure, and monitor firewall user authentication. has detected spam.

Describe various types of network attacks. Describe how the AV process examines traffic.

Configure and monitor SCREEN options to prevent network Describe the differences between full file-based AV versus expressattacks. AV.

Explain, implement, and monitor NAT on Junos security Describe the settings that are required for configuring AV protection.


platforms.

Explain how these settings affect scanning performance andExplain the purpose and mechanics of IP Security (IPsec) virtual effectiveness.private networks (VPNs).

Describe options available for scanning supported protocols.Implement and monitor policy-based and route-based IPsecVPNs.

List the general steps required to configure AV.

Utilize and update the IDP signature database.

Describe the statistical information available to verify AVfunctionality.

Configure and monitor IDP policy with policy templates.

Describe content and Web filtering and their purpose.Describe, configure, and monitor high availability chassisclusters.

List and describe each of the parameters used when configuringWeb and content filtering.

Describe the challenges that branch offices present to networkmanagers.

Describe in general terms the steps necessary to configure web andcontent filtering.

List the major features that UTM offers.

Monitor Web and content filtering. Explain how each major feature addresses the challenges of thebranch office.

Prerequisites: Testing and Certification

Attendees should meet the following prerequisites: This course is part of the following programs or tracks:

Introduction to the Junos Operating System (IJOS) Juniper Networks Certified Internet Specialist Security (JNCIS-SEC)Junos Routing Essentials (JRE)

Or

Junos Foundations: JNCIA-Junos Boot Camp (IJOS, JRE)


Content:

Introduction to Junos security platformsline line line

Traditional Routing Traditional Security Traditional SecurityBreaking the Tradition Breaking the TraditionThe Junos OS Architecture The Junos OS Architecture

line Zone Configuration Zone ConfigurationTraditional Security Monitoring Security Zones Monitoring Security ZonesBreaking the Tradition Lab: Configuring and Monitoring Zones Lab: Configuring and Monitoring Zones The Junos OS Architecture Policy Components Policy ComponentsZone Configuration Verifying Policy Operation Verifying Policy OperationMonitoring Security Zones Policy Scheduling and Rematching Policy Scheduling and RematchingLab: Configuring and Monitoring Zones Policy Case Study Policy Case StudyPolicy Components Lab: Security Policies Lab: Security Policies Verifying Policy Operation Pass-Through Authentication Pass-Through AuthenticationPolicy Scheduling and Rematching Web Authentication Web AuthenticationPolicy Case Study Client Groups Client GroupsLab: Security Policies Using External Authentication Servers Using External Authentication ServersPass-Through Authentication Verifying Firewall User Authentication Verifying Firewall User AuthenticationWeb Authentication Lab: Configuring Firewall Authentication Lab: Configuring Firewall Authentication Client Groups Stages and Types of Attacks Stages and Types of AttacksUsing External Authentication Servers Using Junos SCREEN Using Junos SCREENVerifying Firewall User Authentication Options—Reconnaissance Attack Options—Reconnaissance AttackLab: Configuring Firewall Authentication Handling HandlingStages and Types of Attacks Using Junos SCREEN Options—Denial Using Junos SCREEN Options—Denial ofUsing Junos SCREEN of Service Attack Handling Service Attack HandlingOptions—Reconnaissance Attack Handling Using Junos SCREEN Using Junos SCREENUsing Junos SCREEN Options—Denial of Options—Suspicious Packets Attack Options—Suspicious Packets AttackService Attack Handling Handling HandlingUsing Junos SCREEN Options—Suspicious Applying and Monitoring SCREEN Applying and Monitoring SCREEN OptionsPackets Attack Handling Options Lab: Implementing SCREEN Options Applying and Monitoring SCREEN Options Lab: Implementing SCREEN Options Source NAT Operation and ConfigurationLab: Implementing SCREEN Options Source NAT Operation and Configuration Destination NAT Operation andSource NAT Operation and Configuration Destination NAT Operation and ConfigurationDestination NAT Operation and Configuration Static NAT Operation and ConfigurationConfiguration Static NAT Operation and Configuration Proxy ARPStatic NAT Operation and Configuration Proxy ARP Monitoring and Verifying NAT OperationProxy ARP Monitoring and Verifying NAT Operation Lab: Network Address Translation Monitoring and Verifying NAT Operation Lab: Network Address Translation Secure VPN RequirementsLab: Network Address Translation Secure VPN Requirements IPsec DetailsSecure VPN Requirements IPsec Details Configuration of IPsec VPNsIPsec Details Configuration of IPsec VPNs IPsec VPN MonitoringConfiguration of IPsec VPNs IPsec VPN Monitoring Lab: Implementing IPsec VPNs IPsec VPN Monitoring Lab: Implementing IPsec VPNs IDP Policy Components and ConfigurationLab: Implementing IPsec VPNs IDP Policy Components and Signature DatabaseIDP Policy Components and Configuration Configuration Case Study: Applying the RecommendedSignature Database Signature Database IDP PolicyCase Study: Applying the Recommended Case Study: Applying the Recommended Monitoring IDP OperationIDP Policy IDP Policy Lab: Implementing IDP Monitoring IDP Operation Monitoring IDP Operation Chassis Cluster ComponentsLab: Implementing IDP Lab: Implementing IDP Chassis Cluster OperationChassis Cluster Components Chassis Cluster Components Chassis Cluster ConfigurationChassis Cluster Operation Chassis Cluster Operation Chassis Cluster MonitoringChassis Cluster Configuration Chassis Cluster Configuration Lab: Implementing Chassis Clusters Chassis Cluster Monitoring Chassis Cluster Monitoring UTM Feature OverviewLab: Implementing Chassis Clusters Lab: Implementing Chassis Clusters Design BasicsUTM Feature Overview UTM Feature Overview Hardware SupportDesign Basics Design Basics Licensing of FeaturesHardware Support Hardware Support Lab: Connecting to the Lab Equipment andLicensing of Features Licensing of Features Testing Connectivity Lab: Connecting to the Lab Equipment and Lab: Connecting to the Lab Equipment Overview of Antispam ProcessTesting Connectivity and Testing Connectivity UTM Policy OverviewOverview of Antispam Process Overview of Antispam Process Configuration StepsUTM Policy Overview UTM Policy Overview Monitoring AntispamConfiguration Steps Configuration Steps Lab: Configuring an Antispam Policy


Monitoring Antispam Monitoring Antispam Overview of Antivirus ProcessLab: Configuring an Antispam Policy Lab: Configuring an Antispam Policy AV OperationOverview of Antivirus Process Overview of Antivirus Process Full File-based AV ConfigurationAV Operation AV Operation Express AV ConfigurationFull File-based AV Configuration Full File-based AV Configuration Monitoring AVExpress AV Configuration Express AV Configuration Lab: Antivirus Configuration and Testing Monitoring AV Monitoring AV ConfigurationLab: Antivirus Configuration and Testing Lab: Antivirus Configuration and Testing Verification and MonitoringConfiguration Configuration Lab: Configuring Content and WebVerification and Monitoring Verification and Monitoring Filtering Lab: Configuring Content and Web Filtering Lab: Configuring Content and Web

Filtering UTM Overviewline

line Branch Office ChallengesTraditional Security lineBreaking the Tradition Traditional SecurityThe Junos OS Architecture Breaking the Tradition lineZone Configuration The Junos OS Architecture Traditional SecurityMonitoring Security Zones Zone Configuration Breaking the TraditionLab: Configuring and Monitoring Zones Monitoring Security Zones The Junos OS Architecture Policy Components Lab: Configuring and Monitoring Zones Zone ConfigurationVerifying Policy Operation Policy Components Monitoring Security ZonesPolicy Scheduling and Rematching Verifying Policy Operation Lab: Configuring and Monitoring Zones Policy Case Study Policy Scheduling and Rematching Policy ComponentsLab: Security Policies Policy Case Study Verifying Policy OperationPass-Through Authentication Lab: Security Policies Policy Scheduling and RematchingWeb Authentication Pass-Through Authentication Policy Case StudyClient Groups Web Authentication Lab: Security Policies Using External Authentication Servers Client Groups Pass-Through AuthenticationVerifying Firewall User Authentication Using External Authentication Servers Web AuthenticationLab: Configuring Firewall Authentication Verifying Firewall User Authentication Client GroupsStages and Types of Attacks Lab: Configuring Firewall Authentication Using External Authentication ServersUsing Junos SCREEN Stages and Types of Attacks Verifying Firewall User AuthenticationOptions—Reconnaissance Attack Handling Using Junos SCREEN Lab: Configuring Firewall Authentication Using Junos SCREEN Options—Denial of Options—Reconnaissance Attack Stages and Types of AttacksService Attack Handling Handling Using Junos SCREENUsing Junos SCREEN Options—Suspicious Using Junos SCREEN Options—Denial Options—Reconnaissance AttackPackets Attack Handling of Service Attack Handling HandlingApplying and Monitoring SCREEN Options Using Junos SCREEN Using Junos SCREEN Options—Denial ofLab: Implementing SCREEN Options Options—Suspicious Packets Attack Service Attack HandlingSource NAT Operation and Configuration Handling Using Junos SCREENDestination NAT Operation and Applying and Monitoring SCREEN Options—Suspicious Packets AttackConfiguration Options HandlingStatic NAT Operation and Configuration Lab: Implementing SCREEN Options Applying and Monitoring SCREEN OptionsProxy ARP Source NAT Operation and Configuration Lab: Implementing SCREEN Options Monitoring and Verifying NAT Operation Destination NAT Operation and Source NAT Operation and ConfigurationLab: Network Address Translation Configuration Destination NAT Operation andSecure VPN Requirements Static NAT Operation and Configuration ConfigurationIPsec Details Proxy ARP Static NAT Operation and ConfigurationConfiguration of IPsec VPNs Monitoring and Verifying NAT Operation Proxy ARPIPsec VPN Monitoring Lab: Network Address Translation Monitoring and Verifying NAT OperationLab: Implementing IPsec VPNs Secure VPN Requirements Lab: Network Address Translation IDP Policy Components and Configuration IPsec Details Secure VPN RequirementsSignature Database Configuration of IPsec VPNs IPsec DetailsCase Study: Applying the Recommended IPsec VPN Monitoring Configuration of IPsec VPNsIDP Policy Lab: Implementing IPsec VPNs IPsec VPN MonitoringMonitoring IDP Operation IDP Policy Components and Lab: Implementing IPsec VPNs Lab: Implementing IDP Configuration IDP Policy Components and ConfigurationChassis Cluster Components Signature Database Signature DatabaseChassis Cluster Operation Case Study: Applying the Recommended Case Study: Applying the RecommendedChassis Cluster Configuration IDP Policy IDP PolicyChassis Cluster Monitoring Monitoring IDP Operation Monitoring IDP OperationLab: Implementing Chassis Clusters Lab: Implementing IDP Lab: Implementing IDP UTM Feature Overview Chassis Cluster Components Chassis Cluster ComponentsDesign Basics Chassis Cluster Operation Chassis Cluster OperationHardware Support Chassis Cluster Configuration Chassis Cluster Configuration


Licensing of Features Chassis Cluster Monitoring Chassis Cluster MonitoringLab: Connecting to the Lab Equipment and Lab: Implementing Chassis Clusters Lab: Implementing Chassis Clusters Testing Connectivity UTM Feature Overview UTM Feature OverviewOverview of Antispam Process Design Basics Design BasicsUTM Policy Overview Hardware Support Hardware SupportConfiguration Steps Licensing of Features Licensing of FeaturesMonitoring Antispam Lab: Connecting to the Lab Equipment Lab: Connecting to the Lab Equipment andLab: Configuring an Antispam Policy and Testing Connectivity Testing Connectivity Overview of Antivirus Process Overview of Antispam Process Overview of Antispam ProcessAV Operation UTM Policy Overview UTM Policy OverviewFull File-based AV Configuration Configuration Steps Configuration StepsExpress AV Configuration Monitoring Antispam Monitoring AntispamMonitoring AV Lab: Configuring an Antispam Policy Lab: Configuring an Antispam Policy Lab: Antivirus Configuration and Testing Overview of Antivirus Process Overview of Antivirus ProcessConfiguration AV Operation AV OperationVerification and Monitoring Full File-based AV Configuration Full File-based AV ConfigurationLab: Configuring Content and Web Filtering Express AV Configuration Express AV Configuration

Monitoring AV Monitoring AVLab: Antivirus Configuration and Testing Lab: Antivirus Configuration and Testing

line Configuration ConfigurationTraditional Security Verification and Monitoring Verification and MonitoringBreaking the Tradition Lab: Configuring Content and Web Lab: Configuring Content and WebThe Junos OS Architecture Filtering Filtering Zone ConfigurationMonitoring Security Zones Network Address TranslationLab: Configuring and Monitoring Zones line linePolicy Components NAT Overview Traditional SecurityVerifying Policy Operation Breaking the TraditionPolicy Scheduling and Rematching The Junos OS Architecture Policy Case Study line Zone ConfigurationLab: Security Policies Traditional Security Monitoring Security ZonesPass-Through Authentication Breaking the Tradition Lab: Configuring and Monitoring Zones Web Authentication The Junos OS Architecture Policy ComponentsClient Groups Zone Configuration Verifying Policy OperationUsing External Authentication Servers Monitoring Security Zones Policy Scheduling and RematchingVerifying Firewall User Authentication Lab: Configuring and Monitoring Zones Policy Case StudyLab: Configuring Firewall Authentication Policy Components Lab: Security Policies Stages and Types of Attacks Verifying Policy Operation Pass-Through AuthenticationUsing Junos SCREEN Policy Scheduling and Rematching Web AuthenticationOptions—Reconnaissance Attack Handling Policy Case Study Client GroupsUsing Junos SCREEN Options—Denial of Lab: Security Policies Using External Authentication ServersService Attack Handling Pass-Through Authentication Verifying Firewall User AuthenticationUsing Junos SCREEN Options—Suspicious Web Authentication Lab: Configuring Firewall Authentication Packets Attack Handling Client Groups Stages and Types of AttacksApplying and Monitoring SCREEN Options Using External Authentication Servers Using Junos SCREENLab: Implementing SCREEN Options Verifying Firewall User Authentication Options—Reconnaissance AttackSource NAT Operation and Configuration Lab: Configuring Firewall Authentication HandlingDestination NAT Operation and Stages and Types of Attacks Using Junos SCREEN Options—Denial ofConfiguration Using Junos SCREEN Service Attack HandlingStatic NAT Operation and Configuration Options—Reconnaissance Attack Using Junos SCREENProxy ARP Handling Options—Suspicious Packets AttackMonitoring and Verifying NAT Operation Using Junos SCREEN Options—Denial HandlingLab: Network Address Translation of Service Attack Handling Applying and Monitoring SCREEN OptionsSecure VPN Requirements Using Junos SCREEN Lab: Implementing SCREEN Options IPsec Details Options—Suspicious Packets Attack Source NAT Operation and ConfigurationConfiguration of IPsec VPNs Handling Destination NAT Operation andIPsec VPN Monitoring Applying and Monitoring SCREEN ConfigurationLab: Implementing IPsec VPNs Options Static NAT Operation and ConfigurationIDP Policy Components and Configuration Lab: Implementing SCREEN Options Proxy ARPSignature Database Source NAT Operation and Configuration Monitoring and Verifying NAT OperationCase Study: Applying the Recommended Destination NAT Operation and Lab: Network Address Translation IDP Policy Configuration Secure VPN RequirementsMonitoring IDP Operation Static NAT Operation and Configuration IPsec DetailsLab: Implementing IDP Proxy ARP Configuration of IPsec VPNsChassis Cluster Components Monitoring and Verifying NAT Operation IPsec VPN MonitoringChassis Cluster Operation Lab: Network Address Translation Lab: Implementing IPsec VPNs


Chassis Cluster Configuration Secure VPN Requirements IDP Policy Components and ConfigurationChassis Cluster Monitoring IPsec Details Signature DatabaseLab: Implementing Chassis Clusters Configuration of IPsec VPNs Case Study: Applying the RecommendedUTM Feature Overview IPsec VPN Monitoring IDP PolicyDesign Basics Lab: Implementing IPsec VPNs Monitoring IDP OperationHardware Support IDP Policy Components and Lab: Implementing IDP Licensing of Features Configuration Chassis Cluster ComponentsLab: Connecting to the Lab Equipment and Signature Database Chassis Cluster OperationTesting Connectivity Case Study: Applying the Recommended Chassis Cluster ConfigurationOverview of Antispam Process IDP Policy Chassis Cluster MonitoringUTM Policy Overview Monitoring IDP Operation Lab: Implementing Chassis Clusters Configuration Steps Lab: Implementing IDP UTM Feature OverviewMonitoring Antispam Chassis Cluster Components Design BasicsLab: Configuring an Antispam Policy Chassis Cluster Operation Hardware SupportOverview of Antivirus Process Chassis Cluster Configuration Licensing of FeaturesAV Operation Chassis Cluster Monitoring Lab: Connecting to the Lab Equipment andFull File-based AV Configuration Lab: Implementing Chassis Clusters Testing Connectivity Express AV Configuration UTM Feature Overview Overview of Antispam ProcessMonitoring AV Design Basics UTM Policy OverviewLab: Antivirus Configuration and Testing Hardware Support Configuration StepsConfiguration Licensing of Features Monitoring AntispamVerification and Monitoring Lab: Connecting to the Lab Equipment Lab: Configuring an Antispam Policy Lab: Configuring Content and Web Filtering and Testing Connectivity Overview of Antivirus Process

Overview of Antispam Process AV OperationZones UTM Policy Overview Full File-based AV Configurationline Configuration Steps Express AV Configuration

The Definition of Zones Monitoring Antispam Monitoring AVLab: Configuring an Antispam Policy Lab: Antivirus Configuration and Testing Overview of Antivirus Process Configuration

line AV Operation Verification and MonitoringTraditional Security Full File-based AV Configuration Lab: Configuring Content and WebBreaking the Tradition Express AV Configuration Filtering The Junos OS Architecture Monitoring AVZone Configuration Lab: Antivirus Configuration and Testing Monitoring Security Zones Configuration lineLab: Configuring and Monitoring Zones Verification and Monitoring Traditional SecurityPolicy Components Lab: Configuring Content and Web Breaking the TraditionVerifying Policy Operation Filtering The Junos OS Architecture Policy Scheduling and Rematching Zone ConfigurationPolicy Case Study Monitoring Security ZonesLab: Security Policies line Lab: Configuring and Monitoring Zones Pass-Through Authentication Traditional Security Policy ComponentsWeb Authentication Breaking the Tradition Verifying Policy OperationClient Groups The Junos OS Architecture Policy Scheduling and RematchingUsing External Authentication Servers Zone Configuration Policy Case StudyVerifying Firewall User Authentication Monitoring Security Zones Lab: Security Policies Lab: Configuring Firewall Authentication Lab: Configuring and Monitoring Zones Pass-Through AuthenticationStages and Types of Attacks Policy Components Web AuthenticationUsing Junos SCREEN Verifying Policy Operation Client GroupsOptions—Reconnaissance Attack Handling Policy Scheduling and Rematching Using External Authentication ServersUsing Junos SCREEN Options—Denial of Policy Case Study Verifying Firewall User AuthenticationService Attack Handling Lab: Security Policies Lab: Configuring Firewall Authentication Using Junos SCREEN Options—Suspicious Pass-Through Authentication Stages and Types of AttacksPackets Attack Handling Web Authentication Using Junos SCREENApplying and Monitoring SCREEN Options Client Groups Options—Reconnaissance AttackLab: Implementing SCREEN Options Using External Authentication Servers HandlingSource NAT Operation and Configuration Verifying Firewall User Authentication Using Junos SCREEN Options—Denial ofDestination NAT Operation and Lab: Configuring Firewall Authentication Service Attack HandlingConfiguration Stages and Types of Attacks Using Junos SCREENStatic NAT Operation and Configuration Using Junos SCREEN Options—Suspicious Packets AttackProxy ARP Options—Reconnaissance Attack HandlingMonitoring and Verifying NAT Operation Handling Applying and Monitoring SCREEN OptionsLab: Network Address Translation Using Junos SCREEN Options—Denial Lab: Implementing SCREEN Options Secure VPN Requirements of Service Attack Handling Source NAT Operation and ConfigurationIPsec Details Using Junos SCREEN Destination NAT Operation andConfiguration of IPsec VPNs Options—Suspicious Packets Attack Configuration


IPsec VPN Monitoring Handling Static NAT Operation and ConfigurationLab: Implementing IPsec VPNs Applying and Monitoring SCREEN Proxy ARPIDP Policy Components and Configuration Options Monitoring and Verifying NAT OperationSignature Database Lab: Implementing SCREEN Options Lab: Network Address Translation Case Study: Applying the Recommended Source NAT Operation and Configuration Secure VPN RequirementsIDP Policy Destination NAT Operation and IPsec DetailsMonitoring IDP Operation Configuration Configuration of IPsec VPNsLab: Implementing IDP Static NAT Operation and Configuration IPsec VPN MonitoringChassis Cluster Components Proxy ARP Lab: Implementing IPsec VPNs Chassis Cluster Operation Monitoring and Verifying NAT Operation IDP Policy Components and ConfigurationChassis Cluster Configuration Lab: Network Address Translation Signature DatabaseChassis Cluster Monitoring Secure VPN Requirements Case Study: Applying the RecommendedLab: Implementing Chassis Clusters IPsec Details IDP PolicyUTM Feature Overview Configuration of IPsec VPNs Monitoring IDP OperationDesign Basics IPsec VPN Monitoring Lab: Implementing IDP Hardware Support Lab: Implementing IPsec VPNs Chassis Cluster ComponentsLicensing of Features IDP Policy Components and Chassis Cluster OperationLab: Connecting to the Lab Equipment and Configuration Chassis Cluster ConfigurationTesting Connectivity Signature Database Chassis Cluster MonitoringOverview of Antispam Process Case Study: Applying the Recommended Lab: Implementing Chassis Clusters UTM Policy Overview IDP Policy UTM Feature OverviewConfiguration Steps Monitoring IDP Operation Design BasicsMonitoring Antispam Lab: Implementing IDP Hardware SupportLab: Configuring an Antispam Policy Chassis Cluster Components Licensing of FeaturesOverview of Antivirus Process Chassis Cluster Operation Lab: Connecting to the Lab Equipment andAV Operation Chassis Cluster Configuration Testing Connectivity Full File-based AV Configuration Chassis Cluster Monitoring Overview of Antispam ProcessExpress AV Configuration Lab: Implementing Chassis Clusters UTM Policy OverviewMonitoring AV UTM Feature Overview Configuration StepsLab: Antivirus Configuration and Testing Design Basics Monitoring AntispamConfiguration Hardware Support Lab: Configuring an Antispam Policy Verification and Monitoring Licensing of Features Overview of Antivirus ProcessLab: Configuring Content and Web Filtering Lab: Connecting to the Lab Equipment AV Operation

and Testing Connectivity Full File-based AV ConfigurationOverview of Antispam Process Express AV Configuration

line UTM Policy Overview Monitoring AVTraditional Security Configuration Steps Lab: Antivirus Configuration and Testing Breaking the Tradition Monitoring Antispam ConfigurationThe Junos OS Architecture Lab: Configuring an Antispam Policy Verification and MonitoringZone Configuration Overview of Antivirus Process Lab: Configuring Content and WebMonitoring Security Zones AV Operation Filtering Lab: Configuring and Monitoring Zones Full File-based AV ConfigurationPolicy Components Express AV ConfigurationVerifying Policy Operation Monitoring AV linePolicy Scheduling and Rematching Lab: Antivirus Configuration and Testing Traditional SecurityPolicy Case Study Configuration Breaking the TraditionLab: Security Policies Verification and Monitoring The Junos OS Architecture Pass-Through Authentication Lab: Configuring Content and Web Zone ConfigurationWeb Authentication Filtering Monitoring Security ZonesClient Groups Lab: Configuring and Monitoring Zones Using External Authentication Servers Policy ComponentsVerifying Firewall User Authentication line Verifying Policy OperationLab: Configuring Firewall Authentication Traditional Security Policy Scheduling and RematchingStages and Types of Attacks Breaking the Tradition Policy Case StudyUsing Junos SCREEN The Junos OS Architecture Lab: Security Policies Options—Reconnaissance Attack Handling Zone Configuration Pass-Through AuthenticationUsing Junos SCREEN Options—Denial of Monitoring Security Zones Web AuthenticationService Attack Handling Lab: Configuring and Monitoring Zones Client GroupsUsing Junos SCREEN Options—Suspicious Policy Components Using External Authentication ServersPackets Attack Handling Verifying Policy Operation Verifying Firewall User AuthenticationApplying and Monitoring SCREEN Options Policy Scheduling and Rematching Lab: Configuring Firewall Authentication Lab: Implementing SCREEN Options Policy Case Study Stages and Types of AttacksSource NAT Operation and Configuration Lab: Security Policies Using Junos SCREENDestination NAT Operation and Pass-Through Authentication Options—Reconnaissance AttackConfiguration Web Authentication HandlingStatic NAT Operation and Configuration Client Groups Using Junos SCREEN Options—Denial of


Proxy ARP Using External Authentication Servers Service Attack HandlingMonitoring and Verifying NAT Operation Verifying Firewall User Authentication Using Junos SCREENLab: Network Address Translation Lab: Configuring Firewall Authentication Options—Suspicious Packets AttackSecure VPN Requirements Stages and Types of Attacks HandlingIPsec Details Using Junos SCREEN Applying and Monitoring SCREEN OptionsConfiguration of IPsec VPNs Options—Reconnaissance Attack Lab: Implementing SCREEN Options IPsec VPN Monitoring Handling Source NAT Operation and ConfigurationLab: Implementing IPsec VPNs Using Junos SCREEN Options—Denial Destination NAT Operation andIDP Policy Components and Configuration of Service Attack Handling ConfigurationSignature Database Using Junos SCREEN Static NAT Operation and ConfigurationCase Study: Applying the Recommended Options—Suspicious Packets Attack Proxy ARPIDP Policy Handling Monitoring and Verifying NAT OperationMonitoring IDP Operation Applying and Monitoring SCREEN Lab: Network Address Translation Lab: Implementing IDP Options Secure VPN RequirementsChassis Cluster Components Lab: Implementing SCREEN Options IPsec DetailsChassis Cluster Operation Source NAT Operation and Configuration Configuration of IPsec VPNsChassis Cluster Configuration Destination NAT Operation and IPsec VPN MonitoringChassis Cluster Monitoring Configuration Lab: Implementing IPsec VPNs Lab: Implementing Chassis Clusters Static NAT Operation and Configuration IDP Policy Components and ConfigurationUTM Feature Overview Proxy ARP Signature DatabaseDesign Basics Monitoring and Verifying NAT Operation Case Study: Applying the RecommendedHardware Support Lab: Network Address Translation IDP PolicyLicensing of Features Secure VPN Requirements Monitoring IDP OperationLab: Connecting to the Lab Equipment and IPsec Details Lab: Implementing IDP Testing Connectivity Configuration of IPsec VPNs Chassis Cluster ComponentsOverview of Antispam Process IPsec VPN Monitoring Chassis Cluster OperationUTM Policy Overview Lab: Implementing IPsec VPNs Chassis Cluster ConfigurationConfiguration Steps IDP Policy Components and Chassis Cluster MonitoringMonitoring Antispam Configuration Lab: Implementing Chassis Clusters Lab: Configuring an Antispam Policy Signature Database UTM Feature OverviewOverview of Antivirus Process Case Study: Applying the Recommended Design BasicsAV Operation IDP Policy Hardware SupportFull File-based AV Configuration Monitoring IDP Operation Licensing of FeaturesExpress AV Configuration Lab: Implementing IDP Lab: Connecting to the Lab Equipment andMonitoring AV Chassis Cluster Components Testing Connectivity Lab: Antivirus Configuration and Testing Chassis Cluster Operation Overview of Antispam ProcessConfiguration Chassis Cluster Configuration UTM Policy OverviewVerification and Monitoring Chassis Cluster Monitoring Configuration StepsLab: Configuring Content and Web Filtering Lab: Implementing Chassis Clusters Monitoring Antispam

UTM Feature Overview Lab: Configuring an Antispam Policy Design Basics Overview of Antivirus Process

line Hardware Support AV OperationTraditional Security Licensing of Features Full File-based AV ConfigurationBreaking the Tradition Lab: Connecting to the Lab Equipment Express AV ConfigurationThe Junos OS Architecture and Testing Connectivity Monitoring AVZone Configuration Overview of Antispam Process Lab: Antivirus Configuration and Testing Monitoring Security Zones UTM Policy Overview ConfigurationLab: Configuring and Monitoring Zones Configuration Steps Verification and MonitoringPolicy Components Monitoring Antispam Lab: Configuring Content and WebVerifying Policy Operation Lab: Configuring an Antispam Policy Filtering Policy Scheduling and Rematching Overview of Antivirus ProcessPolicy Case Study AV OperationLab: Security Policies Full File-based AV Configuration linePass-Through Authentication Express AV Configuration Traditional SecurityWeb Authentication Monitoring AV Breaking the TraditionClient Groups Lab: Antivirus Configuration and Testing The Junos OS Architecture Using External Authentication Servers Configuration Zone ConfigurationVerifying Firewall User Authentication Verification and Monitoring Monitoring Security ZonesLab: Configuring Firewall Authentication Lab: Configuring Content and Web Lab: Configuring and Monitoring Zones Stages and Types of Attacks Filtering Policy ComponentsUsing Junos SCREEN Verifying Policy OperationOptions—Reconnaissance Attack Handling Policy Scheduling and RematchingUsing Junos SCREEN Options—Denial of line Policy Case StudyService Attack Handling Traditional Security Lab: Security Policies Using Junos SCREEN Options—Suspicious Breaking the Tradition Pass-Through AuthenticationPackets Attack Handling The Junos OS Architecture Web Authentication


Applying and Monitoring SCREEN Options Zone Configuration Client GroupsLab: Implementing SCREEN Options Monitoring Security Zones Using External Authentication ServersSource NAT Operation and Configuration Lab: Configuring and Monitoring Zones Verifying Firewall User AuthenticationDestination NAT Operation and Policy Components Lab: Configuring Firewall Authentication Configuration Verifying Policy Operation Stages and Types of AttacksStatic NAT Operation and Configuration Policy Scheduling and Rematching Using Junos SCREENProxy ARP Policy Case Study Options—Reconnaissance AttackMonitoring and Verifying NAT Operation Lab: Security Policies HandlingLab: Network Address Translation Pass-Through Authentication Using Junos SCREEN Options—Denial ofSecure VPN Requirements Web Authentication Service Attack HandlingIPsec Details Client Groups Using Junos SCREENConfiguration of IPsec VPNs Using External Authentication Servers Options—Suspicious Packets AttackIPsec VPN Monitoring Verifying Firewall User Authentication HandlingLab: Implementing IPsec VPNs Lab: Configuring Firewall Authentication Applying and Monitoring SCREEN OptionsIDP Policy Components and Configuration Stages and Types of Attacks Lab: Implementing SCREEN Options Signature Database Using Junos SCREEN Source NAT Operation and ConfigurationCase Study: Applying the Recommended Options—Reconnaissance Attack Destination NAT Operation andIDP Policy Handling ConfigurationMonitoring IDP Operation Using Junos SCREEN Options—Denial Static NAT Operation and ConfigurationLab: Implementing IDP of Service Attack Handling Proxy ARPChassis Cluster Components Using Junos SCREEN Monitoring and Verifying NAT OperationChassis Cluster Operation Options—Suspicious Packets Attack Lab: Network Address Translation Chassis Cluster Configuration Handling Secure VPN RequirementsChassis Cluster Monitoring Applying and Monitoring SCREEN IPsec DetailsLab: Implementing Chassis Clusters Options Configuration of IPsec VPNsUTM Feature Overview Lab: Implementing SCREEN Options IPsec VPN MonitoringDesign Basics Source NAT Operation and Configuration Lab: Implementing IPsec VPNs Hardware Support Destination NAT Operation and IDP Policy Components and ConfigurationLicensing of Features Configuration Signature DatabaseLab: Connecting to the Lab Equipment and Static NAT Operation and Configuration Case Study: Applying the RecommendedTesting Connectivity Proxy ARP IDP PolicyOverview of Antispam Process Monitoring and Verifying NAT Operation Monitoring IDP OperationUTM Policy Overview Lab: Network Address Translation Lab: Implementing IDP Configuration Steps Secure VPN Requirements Chassis Cluster ComponentsMonitoring Antispam IPsec Details Chassis Cluster OperationLab: Configuring an Antispam Policy Configuration of IPsec VPNs Chassis Cluster ConfigurationOverview of Antivirus Process IPsec VPN Monitoring Chassis Cluster MonitoringAV Operation Lab: Implementing IPsec VPNs Lab: Implementing Chassis Clusters Full File-based AV Configuration IDP Policy Components and UTM Feature OverviewExpress AV Configuration Configuration Design BasicsMonitoring AV Signature Database Hardware SupportLab: Antivirus Configuration and Testing Case Study: Applying the Recommended Licensing of FeaturesConfiguration IDP Policy Lab: Connecting to the Lab Equipment andVerification and Monitoring Monitoring IDP Operation Testing Connectivity Lab: Configuring Content and Web Filtering Lab: Implementing IDP Overview of Antispam Process

Chassis Cluster Components UTM Policy OverviewSecurity Policies Chassis Cluster Operation Configuration Stepsline Chassis Cluster Configuration Monitoring Antispam

Overview of Security Policy Chassis Cluster Monitoring Lab: Configuring an Antispam Policy Lab: Implementing Chassis Clusters Overview of Antivirus ProcessUTM Feature Overview AV Operation

line Design Basics Full File-based AV ConfigurationTraditional Security Hardware Support Express AV ConfigurationBreaking the Tradition Licensing of Features Monitoring AVThe Junos OS Architecture Lab: Connecting to the Lab Equipment Lab: Antivirus Configuration and Testing Zone Configuration and Testing Connectivity ConfigurationMonitoring Security Zones Overview of Antispam Process Verification and MonitoringLab: Configuring and Monitoring Zones UTM Policy Overview Lab: Configuring Content and WebPolicy Components Configuration Steps Filtering Verifying Policy Operation Monitoring AntispamPolicy Scheduling and Rematching Lab: Configuring an Antispam Policy AntispamPolicy Case Study Overview of Antivirus Process lineLab: Security Policies AV Operation Antispam TerminologyPass-Through Authentication Full File-based AV ConfigurationWeb Authentication Express AV ConfigurationClient Groups Monitoring AV line


Using External Authentication Servers Lab: Antivirus Configuration and Testing Traditional SecurityVerifying Firewall User Authentication Configuration Breaking the TraditionLab: Configuring Firewall Authentication Verification and Monitoring The Junos OS Architecture Stages and Types of Attacks Lab: Configuring Content and Web Zone ConfigurationUsing Junos SCREEN Filtering Monitoring Security ZonesOptions—Reconnaissance Attack Handling Lab: Configuring and Monitoring Zones Using Junos SCREEN Options—Denial of Policy ComponentsService Attack Handling line Verifying Policy OperationUsing Junos SCREEN Options—Suspicious Traditional Security Policy Scheduling and RematchingPackets Attack Handling Breaking the Tradition Policy Case StudyApplying and Monitoring SCREEN Options The Junos OS Architecture Lab: Security Policies Lab: Implementing SCREEN Options Zone Configuration Pass-Through AuthenticationSource NAT Operation and Configuration Monitoring Security Zones Web AuthenticationDestination NAT Operation and Lab: Configuring and Monitoring Zones Client GroupsConfiguration Policy Components Using External Authentication ServersStatic NAT Operation and Configuration Verifying Policy Operation Verifying Firewall User AuthenticationProxy ARP Policy Scheduling and Rematching Lab: Configuring Firewall Authentication Monitoring and Verifying NAT Operation Policy Case Study Stages and Types of AttacksLab: Network Address Translation Lab: Security Policies Using Junos SCREENSecure VPN Requirements Pass-Through Authentication Options—Reconnaissance AttackIPsec Details Web Authentication HandlingConfiguration of IPsec VPNs Client Groups Using Junos SCREEN Options—Denial ofIPsec VPN Monitoring Using External Authentication Servers Service Attack HandlingLab: Implementing IPsec VPNs Verifying Firewall User Authentication Using Junos SCREENIDP Policy Components and Configuration Lab: Configuring Firewall Authentication Options—Suspicious Packets AttackSignature Database Stages and Types of Attacks HandlingCase Study: Applying the Recommended Using Junos SCREEN Applying and Monitoring SCREEN OptionsIDP Policy Options—Reconnaissance Attack Lab: Implementing SCREEN Options Monitoring IDP Operation Handling Source NAT Operation and ConfigurationLab: Implementing IDP Using Junos SCREEN Options—Denial Destination NAT Operation andChassis Cluster Components of Service Attack Handling ConfigurationChassis Cluster Operation Using Junos SCREEN Static NAT Operation and ConfigurationChassis Cluster Configuration Options—Suspicious Packets Attack Proxy ARPChassis Cluster Monitoring Handling Monitoring and Verifying NAT OperationLab: Implementing Chassis Clusters Applying and Monitoring SCREEN Lab: Network Address Translation UTM Feature Overview Options Secure VPN RequirementsDesign Basics Lab: Implementing SCREEN Options IPsec DetailsHardware Support Source NAT Operation and Configuration Configuration of IPsec VPNsLicensing of Features Destination NAT Operation and IPsec VPN MonitoringLab: Connecting to the Lab Equipment and Configuration Lab: Implementing IPsec VPNs Testing Connectivity Static NAT Operation and Configuration IDP Policy Components and ConfigurationOverview of Antispam Process Proxy ARP Signature DatabaseUTM Policy Overview Monitoring and Verifying NAT Operation Case Study: Applying the RecommendedConfiguration Steps Lab: Network Address Translation IDP PolicyMonitoring Antispam Secure VPN Requirements Monitoring IDP OperationLab: Configuring an Antispam Policy IPsec Details Lab: Implementing IDP Overview of Antivirus Process Configuration of IPsec VPNs Chassis Cluster ComponentsAV Operation IPsec VPN Monitoring Chassis Cluster OperationFull File-based AV Configuration Lab: Implementing IPsec VPNs Chassis Cluster ConfigurationExpress AV Configuration IDP Policy Components and Chassis Cluster MonitoringMonitoring AV Configuration Lab: Implementing Chassis Clusters Lab: Antivirus Configuration and Testing Signature Database UTM Feature OverviewConfiguration Case Study: Applying the Recommended Design BasicsVerification and Monitoring IDP Policy Hardware SupportLab: Configuring Content and Web Filtering Monitoring IDP Operation Licensing of Features

Lab: Implementing IDP Lab: Connecting to the Lab Equipment andChassis Cluster Components Testing Connectivity

line Chassis Cluster Operation Overview of Antispam ProcessTraditional Security Chassis Cluster Configuration UTM Policy OverviewBreaking the Tradition Chassis Cluster Monitoring Configuration StepsThe Junos OS Architecture Lab: Implementing Chassis Clusters Monitoring AntispamZone Configuration UTM Feature Overview Lab: Configuring an Antispam Policy Monitoring Security Zones Design Basics Overview of Antivirus ProcessLab: Configuring and Monitoring Zones Hardware Support AV OperationPolicy Components Licensing of Features Full File-based AV ConfigurationVerifying Policy Operation Lab: Connecting to the Lab Equipment Express AV Configuration


Policy Scheduling and Rematching and Testing Connectivity Monitoring AVPolicy Case Study Overview of Antispam Process Lab: Antivirus Configuration and Testing Lab: Security Policies UTM Policy Overview ConfigurationPass-Through Authentication Configuration Steps Verification and MonitoringWeb Authentication Monitoring Antispam Lab: Configuring Content and WebClient Groups Lab: Configuring an Antispam Policy Filtering Using External Authentication Servers Overview of Antivirus ProcessVerifying Firewall User Authentication AV OperationLab: Configuring Firewall Authentication Full File-based AV Configuration lineStages and Types of Attacks Express AV Configuration Traditional SecurityUsing Junos SCREEN Monitoring AV Breaking the TraditionOptions—Reconnaissance Attack Handling Lab: Antivirus Configuration and Testing The Junos OS Architecture Using Junos SCREEN Options—Denial of Configuration Zone ConfigurationService Attack Handling Verification and Monitoring Monitoring Security ZonesUsing Junos SCREEN Options—Suspicious Lab: Configuring Content and Web Lab: Configuring and Monitoring Zones Packets Attack Handling Filtering Policy ComponentsApplying and Monitoring SCREEN Options Verifying Policy OperationLab: Implementing SCREEN Options Policy Scheduling and RematchingSource NAT Operation and Configuration line Policy Case StudyDestination NAT Operation and Traditional Security Lab: Security Policies Configuration Breaking the Tradition Pass-Through AuthenticationStatic NAT Operation and Configuration The Junos OS Architecture Web AuthenticationProxy ARP Zone Configuration Client GroupsMonitoring and Verifying NAT Operation Monitoring Security Zones Using External Authentication ServersLab: Network Address Translation Lab: Configuring and Monitoring Zones Verifying Firewall User AuthenticationSecure VPN Requirements Policy Components Lab: Configuring Firewall Authentication IPsec Details Verifying Policy Operation Stages and Types of AttacksConfiguration of IPsec VPNs Policy Scheduling and Rematching Using Junos SCREENIPsec VPN Monitoring Policy Case Study Options—Reconnaissance AttackLab: Implementing IPsec VPNs Lab: Security Policies HandlingIDP Policy Components and Configuration Pass-Through Authentication Using Junos SCREEN Options—Denial ofSignature Database Web Authentication Service Attack HandlingCase Study: Applying the Recommended Client Groups Using Junos SCREENIDP Policy Using External Authentication Servers Options—Suspicious Packets AttackMonitoring IDP Operation Verifying Firewall User Authentication HandlingLab: Implementing IDP Lab: Configuring Firewall Authentication Applying and Monitoring SCREEN OptionsChassis Cluster Components Stages and Types of Attacks Lab: Implementing SCREEN Options Chassis Cluster Operation Using Junos SCREEN Source NAT Operation and ConfigurationChassis Cluster Configuration Options—Reconnaissance Attack Destination NAT Operation andChassis Cluster Monitoring Handling ConfigurationLab: Implementing Chassis Clusters Using Junos SCREEN Options—Denial Static NAT Operation and ConfigurationUTM Feature Overview of Service Attack Handling Proxy ARPDesign Basics Using Junos SCREEN Monitoring and Verifying NAT OperationHardware Support Options—Suspicious Packets Attack Lab: Network Address Translation Licensing of Features Handling Secure VPN RequirementsLab: Connecting to the Lab Equipment and Applying and Monitoring SCREEN IPsec DetailsTesting Connectivity Options Configuration of IPsec VPNsOverview of Antispam Process Lab: Implementing SCREEN Options IPsec VPN MonitoringUTM Policy Overview Source NAT Operation and Configuration Lab: Implementing IPsec VPNs Configuration Steps Destination NAT Operation and IDP Policy Components and ConfigurationMonitoring Antispam Configuration Signature DatabaseLab: Configuring an Antispam Policy Static NAT Operation and Configuration Case Study: Applying the RecommendedOverview of Antivirus Process Proxy ARP IDP PolicyAV Operation Monitoring and Verifying NAT Operation Monitoring IDP OperationFull File-based AV Configuration Lab: Network Address Translation Lab: Implementing IDP Express AV Configuration Secure VPN Requirements Chassis Cluster ComponentsMonitoring AV IPsec Details Chassis Cluster OperationLab: Antivirus Configuration and Testing Configuration of IPsec VPNs Chassis Cluster ConfigurationConfiguration IPsec VPN Monitoring Chassis Cluster MonitoringVerification and Monitoring Lab: Implementing IPsec VPNs Lab: Implementing Chassis Clusters Lab: Configuring Content and Web Filtering IDP Policy Components and UTM Feature Overview

Configuration Design BasicsSignature Database Hardware Support

line Case Study: Applying the Recommended Licensing of FeaturesTraditional Security IDP Policy Lab: Connecting to the Lab Equipment andBreaking the Tradition Monitoring IDP Operation Testing Connectivity


The Junos OS Architecture Lab: Implementing IDP Overview of Antispam ProcessZone Configuration Chassis Cluster Components UTM Policy OverviewMonitoring Security Zones Chassis Cluster Operation Configuration StepsLab: Configuring and Monitoring Zones Chassis Cluster Configuration Monitoring AntispamPolicy Components Chassis Cluster Monitoring Lab: Configuring an Antispam Policy Verifying Policy Operation Lab: Implementing Chassis Clusters Overview of Antivirus ProcessPolicy Scheduling and Rematching UTM Feature Overview AV OperationPolicy Case Study Design Basics Full File-based AV ConfigurationLab: Security Policies Hardware Support Express AV ConfigurationPass-Through Authentication Licensing of Features Monitoring AVWeb Authentication Lab: Connecting to the Lab Equipment Lab: Antivirus Configuration and Testing Client Groups and Testing Connectivity ConfigurationUsing External Authentication Servers Overview of Antispam Process Verification and MonitoringVerifying Firewall User Authentication UTM Policy Overview Lab: Configuring Content and WebLab: Configuring Firewall Authentication Configuration Steps Filtering Stages and Types of Attacks Monitoring AntispamUsing Junos SCREEN Lab: Configuring an Antispam Policy Options—Reconnaissance Attack Handling Overview of Antivirus Process lineUsing Junos SCREEN Options—Denial of AV Operation Traditional SecurityService Attack Handling Full File-based AV Configuration Breaking the TraditionUsing Junos SCREEN Options—Suspicious Express AV Configuration The Junos OS Architecture Packets Attack Handling Monitoring AV Zone ConfigurationApplying and Monitoring SCREEN Options Lab: Antivirus Configuration and Testing Monitoring Security ZonesLab: Implementing SCREEN Options Configuration Lab: Configuring and Monitoring Zones Source NAT Operation and Configuration Verification and Monitoring Policy ComponentsDestination NAT Operation and Lab: Configuring Content and Web Verifying Policy OperationConfiguration Filtering Policy Scheduling and RematchingStatic NAT Operation and Configuration Policy Case StudyProxy ARP IPsec VPNs Lab: Security Policies Monitoring and Verifying NAT Operation line Pass-Through AuthenticationLab: Network Address Translation VPN Types Web AuthenticationSecure VPN Requirements Client GroupsIPsec Details Using External Authentication ServersConfiguration of IPsec VPNs line Verifying Firewall User AuthenticationIPsec VPN Monitoring Traditional Security Lab: Configuring Firewall Authentication Lab: Implementing IPsec VPNs Breaking the Tradition Stages and Types of AttacksIDP Policy Components and Configuration The Junos OS Architecture Using Junos SCREENSignature Database Zone Configuration Options—Reconnaissance AttackCase Study: Applying the Recommended Monitoring Security Zones HandlingIDP Policy Lab: Configuring and Monitoring Zones Using Junos SCREEN Options—Denial ofMonitoring IDP Operation Policy Components Service Attack HandlingLab: Implementing IDP Verifying Policy Operation Using Junos SCREENChassis Cluster Components Policy Scheduling and Rematching Options—Suspicious Packets AttackChassis Cluster Operation Policy Case Study HandlingChassis Cluster Configuration Lab: Security Policies Applying and Monitoring SCREEN OptionsChassis Cluster Monitoring Pass-Through Authentication Lab: Implementing SCREEN Options Lab: Implementing Chassis Clusters Web Authentication Source NAT Operation and ConfigurationUTM Feature Overview Client Groups Destination NAT Operation andDesign Basics Using External Authentication Servers ConfigurationHardware Support Verifying Firewall User Authentication Static NAT Operation and ConfigurationLicensing of Features Lab: Configuring Firewall Authentication Proxy ARPLab: Connecting to the Lab Equipment and Stages and Types of Attacks Monitoring and Verifying NAT OperationTesting Connectivity Using Junos SCREEN Lab: Network Address Translation Overview of Antispam Process Options—Reconnaissance Attack Secure VPN RequirementsUTM Policy Overview Handling IPsec DetailsConfiguration Steps Using Junos SCREEN Options—Denial Configuration of IPsec VPNsMonitoring Antispam of Service Attack Handling IPsec VPN MonitoringLab: Configuring an Antispam Policy Using Junos SCREEN Lab: Implementing IPsec VPNs Overview of Antivirus Process Options—Suspicious Packets Attack IDP Policy Components and ConfigurationAV Operation Handling Signature DatabaseFull File-based AV Configuration Applying and Monitoring SCREEN Case Study: Applying the RecommendedExpress AV Configuration Options IDP PolicyMonitoring AV Lab: Implementing SCREEN Options Monitoring IDP OperationLab: Antivirus Configuration and Testing Source NAT Operation and Configuration Lab: Implementing IDP Configuration Destination NAT Operation and Chassis Cluster ComponentsVerification and Monitoring Configuration Chassis Cluster Operation


Lab: Configuring Content and Web Filtering Static NAT Operation and Configuration Chassis Cluster ConfigurationProxy ARP Chassis Cluster MonitoringMonitoring and Verifying NAT Operation Lab: Implementing Chassis Clusters

line Lab: Network Address Translation UTM Feature OverviewTraditional Security Secure VPN Requirements Design BasicsBreaking the Tradition IPsec Details Hardware SupportThe Junos OS Architecture Configuration of IPsec VPNs Licensing of FeaturesZone Configuration IPsec VPN Monitoring Lab: Connecting to the Lab Equipment andMonitoring Security Zones Lab: Implementing IPsec VPNs Testing Connectivity Lab: Configuring and Monitoring Zones IDP Policy Components and Overview of Antispam ProcessPolicy Components Configuration UTM Policy OverviewVerifying Policy Operation Signature Database Configuration StepsPolicy Scheduling and Rematching Case Study: Applying the Recommended Monitoring AntispamPolicy Case Study IDP Policy Lab: Configuring an Antispam Policy Lab: Security Policies Monitoring IDP Operation Overview of Antivirus ProcessPass-Through Authentication Lab: Implementing IDP AV OperationWeb Authentication Chassis Cluster Components Full File-based AV ConfigurationClient Groups Chassis Cluster Operation Express AV ConfigurationUsing External Authentication Servers Chassis Cluster Configuration Monitoring AVVerifying Firewall User Authentication Chassis Cluster Monitoring Lab: Antivirus Configuration and Testing Lab: Configuring Firewall Authentication Lab: Implementing Chassis Clusters ConfigurationStages and Types of Attacks UTM Feature Overview Verification and MonitoringUsing Junos SCREEN Design Basics Lab: Configuring Content and WebOptions—Reconnaissance Attack Handling Hardware Support Filtering Using Junos SCREEN Options—Denial of Licensing of FeaturesService Attack Handling Lab: Connecting to the Lab EquipmentUsing Junos SCREEN Options—Suspicious and Testing Connectivity linePackets Attack Handling Overview of Antispam Process Traditional SecurityApplying and Monitoring SCREEN Options UTM Policy Overview Breaking the TraditionLab: Implementing SCREEN Options Configuration Steps The Junos OS Architecture Source NAT Operation and Configuration Monitoring Antispam Zone ConfigurationDestination NAT Operation and Lab: Configuring an Antispam Policy Monitoring Security ZonesConfiguration Overview of Antivirus Process Lab: Configuring and Monitoring Zones Static NAT Operation and Configuration AV Operation Policy ComponentsProxy ARP Full File-based AV Configuration Verifying Policy OperationMonitoring and Verifying NAT Operation Express AV Configuration Policy Scheduling and RematchingLab: Network Address Translation Monitoring AV Policy Case StudySecure VPN Requirements Lab: Antivirus Configuration and Testing Lab: Security Policies IPsec Details Configuration Pass-Through AuthenticationConfiguration of IPsec VPNs Verification and Monitoring Web AuthenticationIPsec VPN Monitoring Lab: Configuring Content and Web Client GroupsLab: Implementing IPsec VPNs Filtering Using External Authentication ServersIDP Policy Components and Configuration Verifying Firewall User AuthenticationSignature Database Lab: Configuring Firewall Authentication Case Study: Applying the Recommended line Stages and Types of AttacksIDP Policy Traditional Security Using Junos SCREENMonitoring IDP Operation Breaking the Tradition Options—Reconnaissance AttackLab: Implementing IDP The Junos OS Architecture HandlingChassis Cluster Components Zone Configuration Using Junos SCREEN Options—Denial ofChassis Cluster Operation Monitoring Security Zones Service Attack HandlingChassis Cluster Configuration Lab: Configuring and Monitoring Zones Using Junos SCREENChassis Cluster Monitoring Policy Components Options—Suspicious Packets AttackLab: Implementing Chassis Clusters Verifying Policy Operation HandlingUTM Feature Overview Policy Scheduling and Rematching Applying and Monitoring SCREEN OptionsDesign Basics Policy Case Study Lab: Implementing SCREEN Options Hardware Support Lab: Security Policies Source NAT Operation and ConfigurationLicensing of Features Pass-Through Authentication Destination NAT Operation andLab: Connecting to the Lab Equipment and Web Authentication ConfigurationTesting Connectivity Client Groups Static NAT Operation and ConfigurationOverview of Antispam Process Using External Authentication Servers Proxy ARPUTM Policy Overview Verifying Firewall User Authentication Monitoring and Verifying NAT OperationConfiguration Steps Lab: Configuring Firewall Authentication Lab: Network Address Translation Monitoring Antispam Stages and Types of Attacks Secure VPN RequirementsLab: Configuring an Antispam Policy Using Junos SCREEN IPsec DetailsOverview of Antivirus Process Options—Reconnaissance Attack Configuration of IPsec VPNsAV Operation Handling IPsec VPN Monitoring


Full File-based AV Configuration Using Junos SCREEN Options—Denial Lab: Implementing IPsec VPNs Express AV Configuration of Service Attack Handling IDP Policy Components and ConfigurationMonitoring AV Using Junos SCREEN Signature DatabaseLab: Antivirus Configuration and Testing Options—Suspicious Packets Attack Case Study: Applying the RecommendedConfiguration Handling IDP PolicyVerification and Monitoring Applying and Monitoring SCREEN Monitoring IDP OperationLab: Configuring Content and Web Filtering Options Lab: Implementing IDP

Lab: Implementing SCREEN Options Chassis Cluster ComponentsSource NAT Operation and Configuration Chassis Cluster Operation

line Destination NAT Operation and Chassis Cluster ConfigurationTraditional Security Configuration Chassis Cluster MonitoringBreaking the Tradition Static NAT Operation and Configuration Lab: Implementing Chassis Clusters The Junos OS Architecture Proxy ARP UTM Feature OverviewZone Configuration Monitoring and Verifying NAT Operation Design BasicsMonitoring Security Zones Lab: Network Address Translation Hardware SupportLab: Configuring and Monitoring Zones Secure VPN Requirements Licensing of FeaturesPolicy Components IPsec Details Lab: Connecting to the Lab Equipment andVerifying Policy Operation Configuration of IPsec VPNs Testing Connectivity Policy Scheduling and Rematching IPsec VPN Monitoring Overview of Antispam ProcessPolicy Case Study Lab: Implementing IPsec VPNs UTM Policy OverviewLab: Security Policies IDP Policy Components and Configuration StepsPass-Through Authentication Configuration Monitoring AntispamWeb Authentication Signature Database Lab: Configuring an Antispam Policy Client Groups Case Study: Applying the Recommended Overview of Antivirus ProcessUsing External Authentication Servers IDP Policy AV OperationVerifying Firewall User Authentication Monitoring IDP Operation Full File-based AV ConfigurationLab: Configuring Firewall Authentication Lab: Implementing IDP Express AV ConfigurationStages and Types of Attacks Chassis Cluster Components Monitoring AVUsing Junos SCREEN Chassis Cluster Operation Lab: Antivirus Configuration and Testing Options—Reconnaissance Attack Handling Chassis Cluster Configuration ConfigurationUsing Junos SCREEN Options—Denial of Chassis Cluster Monitoring Verification and MonitoringService Attack Handling Lab: Implementing Chassis Clusters Lab: Configuring Content and WebUsing Junos SCREEN Options—Suspicious UTM Feature Overview Filtering Packets Attack Handling Design BasicsApplying and Monitoring SCREEN Options Hardware SupportLab: Implementing SCREEN Options Licensing of Features lineSource NAT Operation and Configuration Lab: Connecting to the Lab Equipment Traditional SecurityDestination NAT Operation and and Testing Connectivity Breaking the TraditionConfiguration Overview of Antispam Process The Junos OS Architecture Static NAT Operation and Configuration UTM Policy Overview Zone ConfigurationProxy ARP Configuration Steps Monitoring Security ZonesMonitoring and Verifying NAT Operation Monitoring Antispam Lab: Configuring and Monitoring Zones Lab: Network Address Translation Lab: Configuring an Antispam Policy Policy ComponentsSecure VPN Requirements Overview of Antivirus Process Verifying Policy OperationIPsec Details AV Operation Policy Scheduling and RematchingConfiguration of IPsec VPNs Full File-based AV Configuration Policy Case StudyIPsec VPN Monitoring Express AV Configuration Lab: Security Policies Lab: Implementing IPsec VPNs Monitoring AV Pass-Through AuthenticationIDP Policy Components and Configuration Lab: Antivirus Configuration and Testing Web AuthenticationSignature Database Configuration Client GroupsCase Study: Applying the Recommended Verification and Monitoring Using External Authentication ServersIDP Policy Lab: Configuring Content and Web Verifying Firewall User AuthenticationMonitoring IDP Operation Filtering Lab: Configuring Firewall Authentication Lab: Implementing IDP Stages and Types of AttacksChassis Cluster Components Using Junos SCREENChassis Cluster Operation line Options—Reconnaissance AttackChassis Cluster Configuration Traditional Security HandlingChassis Cluster Monitoring Breaking the Tradition Using Junos SCREEN Options—Denial ofLab: Implementing Chassis Clusters The Junos OS Architecture Service Attack HandlingUTM Feature Overview Zone Configuration Using Junos SCREENDesign Basics Monitoring Security Zones Options—Suspicious Packets AttackHardware Support Lab: Configuring and Monitoring Zones HandlingLicensing of Features Policy Components Applying and Monitoring SCREEN OptionsLab: Connecting to the Lab Equipment and Verifying Policy Operation Lab: Implementing SCREEN Options Testing Connectivity Policy Scheduling and Rematching Source NAT Operation and ConfigurationOverview of Antispam Process Policy Case Study Destination NAT Operation and


UTM Policy Overview Lab: Security Policies ConfigurationConfiguration Steps Pass-Through Authentication Static NAT Operation and ConfigurationMonitoring Antispam Web Authentication Proxy ARPLab: Configuring an Antispam Policy Client Groups Monitoring and Verifying NAT OperationOverview of Antivirus Process Using External Authentication Servers Lab: Network Address Translation AV Operation Verifying Firewall User Authentication Secure VPN RequirementsFull File-based AV Configuration Lab: Configuring Firewall Authentication IPsec DetailsExpress AV Configuration Stages and Types of Attacks Configuration of IPsec VPNsMonitoring AV Using Junos SCREEN IPsec VPN MonitoringLab: Antivirus Configuration and Testing Options—Reconnaissance Attack Lab: Implementing IPsec VPNs Configuration Handling IDP Policy Components and ConfigurationVerification and Monitoring Using Junos SCREEN Options—Denial Signature DatabaseLab: Configuring Content and Web Filtering of Service Attack Handling Case Study: Applying the Recommended

Using Junos SCREEN IDP PolicyFirewall User Authentication Options—Suspicious Packets Attack Monitoring IDP Operationline Handling Lab: Implementing IDP

Firewall User Authentication Overview Applying and Monitoring SCREEN Chassis Cluster ComponentsOptions Chassis Cluster OperationLab: Implementing SCREEN Options Chassis Cluster Configuration

line Source NAT Operation and Configuration Chassis Cluster MonitoringTraditional Security Destination NAT Operation and Lab: Implementing Chassis Clusters Breaking the Tradition Configuration UTM Feature OverviewThe Junos OS Architecture Static NAT Operation and Configuration Design BasicsZone Configuration Proxy ARP Hardware SupportMonitoring Security Zones Monitoring and Verifying NAT Operation Licensing of FeaturesLab: Configuring and Monitoring Zones Lab: Network Address Translation Lab: Connecting to the Lab Equipment andPolicy Components Secure VPN Requirements Testing Connectivity Verifying Policy Operation IPsec Details Overview of Antispam ProcessPolicy Scheduling and Rematching Configuration of IPsec VPNs UTM Policy OverviewPolicy Case Study IPsec VPN Monitoring Configuration StepsLab: Security Policies Lab: Implementing IPsec VPNs Monitoring AntispamPass-Through Authentication IDP Policy Components and Lab: Configuring an Antispam Policy Web Authentication Configuration Overview of Antivirus ProcessClient Groups Signature Database AV OperationUsing External Authentication Servers Case Study: Applying the Recommended Full File-based AV ConfigurationVerifying Firewall User Authentication IDP Policy Express AV ConfigurationLab: Configuring Firewall Authentication Monitoring IDP Operation Monitoring AVStages and Types of Attacks Lab: Implementing IDP Lab: Antivirus Configuration and Testing Using Junos SCREEN Chassis Cluster Components ConfigurationOptions—Reconnaissance Attack Handling Chassis Cluster Operation Verification and MonitoringUsing Junos SCREEN Options—Denial of Chassis Cluster Configuration Lab: Configuring Content and WebService Attack Handling Chassis Cluster Monitoring Filtering Using Junos SCREEN Options—Suspicious Lab: Implementing Chassis Clusters Packets Attack Handling UTM Feature Overview Full File-Based and Express AntivirusApplying and Monitoring SCREEN Options Design Basics lineLab: Implementing SCREEN Options Hardware Support Antivirus TerminologySource NAT Operation and Configuration Licensing of FeaturesDestination NAT Operation and Lab: Connecting to the Lab EquipmentConfiguration and Testing Connectivity lineStatic NAT Operation and Configuration Overview of Antispam Process Traditional SecurityProxy ARP UTM Policy Overview Breaking the TraditionMonitoring and Verifying NAT Operation Configuration Steps The Junos OS Architecture Lab: Network Address Translation Monitoring Antispam Zone ConfigurationSecure VPN Requirements Lab: Configuring an Antispam Policy Monitoring Security ZonesIPsec Details Overview of Antivirus Process Lab: Configuring and Monitoring Zones Configuration of IPsec VPNs AV Operation Policy ComponentsIPsec VPN Monitoring Full File-based AV Configuration Verifying Policy OperationLab: Implementing IPsec VPNs Express AV Configuration Policy Scheduling and RematchingIDP Policy Components and Configuration Monitoring AV Policy Case StudySignature Database Lab: Antivirus Configuration and Testing Lab: Security Policies Case Study: Applying the Recommended Configuration Pass-Through AuthenticationIDP Policy Verification and Monitoring Web AuthenticationMonitoring IDP Operation Lab: Configuring Content and Web Client GroupsLab: Implementing IDP Filtering Using External Authentication ServersChassis Cluster Components Verifying Firewall User AuthenticationChassis Cluster Operation Lab: Configuring Firewall Authentication


Chassis Cluster Configuration line Stages and Types of AttacksChassis Cluster Monitoring Traditional Security Using Junos SCREENLab: Implementing Chassis Clusters Breaking the Tradition Options—Reconnaissance AttackUTM Feature Overview The Junos OS Architecture HandlingDesign Basics Zone Configuration Using Junos SCREEN Options—Denial ofHardware Support Monitoring Security Zones Service Attack HandlingLicensing of Features Lab: Configuring and Monitoring Zones Using Junos SCREENLab: Connecting to the Lab Equipment and Policy Components Options—Suspicious Packets AttackTesting Connectivity Verifying Policy Operation HandlingOverview of Antispam Process Policy Scheduling and Rematching Applying and Monitoring SCREEN OptionsUTM Policy Overview Policy Case Study Lab: Implementing SCREEN Options Configuration Steps Lab: Security Policies Source NAT Operation and ConfigurationMonitoring Antispam Pass-Through Authentication Destination NAT Operation andLab: Configuring an Antispam Policy Web Authentication ConfigurationOverview of Antivirus Process Client Groups Static NAT Operation and ConfigurationAV Operation Using External Authentication Servers Proxy ARPFull File-based AV Configuration Verifying Firewall User Authentication Monitoring and Verifying NAT OperationExpress AV Configuration Lab: Configuring Firewall Authentication Lab: Network Address Translation Monitoring AV Stages and Types of Attacks Secure VPN RequirementsLab: Antivirus Configuration and Testing Using Junos SCREEN IPsec DetailsConfiguration Options—Reconnaissance Attack Configuration of IPsec VPNsVerification and Monitoring Handling IPsec VPN MonitoringLab: Configuring Content and Web Filtering Using Junos SCREEN Options—Denial Lab: Implementing IPsec VPNs

of Service Attack Handling IDP Policy Components and ConfigurationUsing Junos SCREEN Signature Database

line Options—Suspicious Packets Attack Case Study: Applying the RecommendedTraditional Security Handling IDP PolicyBreaking the Tradition Applying and Monitoring SCREEN Monitoring IDP OperationThe Junos OS Architecture Options Lab: Implementing IDP Zone Configuration Lab: Implementing SCREEN Options Chassis Cluster ComponentsMonitoring Security Zones Source NAT Operation and Configuration Chassis Cluster OperationLab: Configuring and Monitoring Zones Destination NAT Operation and Chassis Cluster ConfigurationPolicy Components Configuration Chassis Cluster MonitoringVerifying Policy Operation Static NAT Operation and Configuration Lab: Implementing Chassis Clusters Policy Scheduling and Rematching Proxy ARP UTM Feature OverviewPolicy Case Study Monitoring and Verifying NAT Operation Design BasicsLab: Security Policies Lab: Network Address Translation Hardware SupportPass-Through Authentication Secure VPN Requirements Licensing of FeaturesWeb Authentication IPsec Details Lab: Connecting to the Lab Equipment andClient Groups Configuration of IPsec VPNs Testing Connectivity Using External Authentication Servers IPsec VPN Monitoring Overview of Antispam ProcessVerifying Firewall User Authentication Lab: Implementing IPsec VPNs UTM Policy OverviewLab: Configuring Firewall Authentication IDP Policy Components and Configuration StepsStages and Types of Attacks Configuration Monitoring AntispamUsing Junos SCREEN Signature Database Lab: Configuring an Antispam Policy Options—Reconnaissance Attack Handling Case Study: Applying the Recommended Overview of Antivirus ProcessUsing Junos SCREEN Options—Denial of IDP Policy AV OperationService Attack Handling Monitoring IDP Operation Full File-based AV ConfigurationUsing Junos SCREEN Options—Suspicious Lab: Implementing IDP Express AV ConfigurationPackets Attack Handling Chassis Cluster Components Monitoring AVApplying and Monitoring SCREEN Options Chassis Cluster Operation Lab: Antivirus Configuration and Testing Lab: Implementing SCREEN Options Chassis Cluster Configuration ConfigurationSource NAT Operation and Configuration Chassis Cluster Monitoring Verification and MonitoringDestination NAT Operation and Lab: Implementing Chassis Clusters Lab: Configuring Content and WebConfiguration UTM Feature Overview Filtering Static NAT Operation and Configuration Design BasicsProxy ARP Hardware SupportMonitoring and Verifying NAT Operation Licensing of Features lineLab: Network Address Translation Lab: Connecting to the Lab Equipment Traditional SecuritySecure VPN Requirements and Testing Connectivity Breaking the TraditionIPsec Details Overview of Antispam Process The Junos OS Architecture Configuration of IPsec VPNs UTM Policy Overview Zone ConfigurationIPsec VPN Monitoring Configuration Steps Monitoring Security ZonesLab: Implementing IPsec VPNs Monitoring Antispam Lab: Configuring and Monitoring Zones IDP Policy Components and Configuration Lab: Configuring an Antispam Policy Policy ComponentsSignature Database Overview of Antivirus Process Verifying Policy Operation


Case Study: Applying the Recommended AV Operation Policy Scheduling and RematchingIDP Policy Full File-based AV Configuration Policy Case StudyMonitoring IDP Operation Express AV Configuration Lab: Security Policies Lab: Implementing IDP Monitoring AV Pass-Through AuthenticationChassis Cluster Components Lab: Antivirus Configuration and Testing Web AuthenticationChassis Cluster Operation Configuration Client GroupsChassis Cluster Configuration Verification and Monitoring Using External Authentication ServersChassis Cluster Monitoring Lab: Configuring Content and Web Verifying Firewall User AuthenticationLab: Implementing Chassis Clusters Filtering Lab: Configuring Firewall Authentication UTM Feature Overview Stages and Types of AttacksDesign Basics Using Junos SCREENHardware Support line Options—Reconnaissance AttackLicensing of Features Traditional Security HandlingLab: Connecting to the Lab Equipment and Breaking the Tradition Using Junos SCREEN Options—Denial ofTesting Connectivity The Junos OS Architecture Service Attack HandlingOverview of Antispam Process Zone Configuration Using Junos SCREENUTM Policy Overview Monitoring Security Zones Options—Suspicious Packets AttackConfiguration Steps Lab: Configuring and Monitoring Zones HandlingMonitoring Antispam Policy Components Applying and Monitoring SCREEN OptionsLab: Configuring an Antispam Policy Verifying Policy Operation Lab: Implementing SCREEN Options Overview of Antivirus Process Policy Scheduling and Rematching Source NAT Operation and ConfigurationAV Operation Policy Case Study Destination NAT Operation andFull File-based AV Configuration Lab: Security Policies ConfigurationExpress AV Configuration Pass-Through Authentication Static NAT Operation and ConfigurationMonitoring AV Web Authentication Proxy ARPLab: Antivirus Configuration and Testing Client Groups Monitoring and Verifying NAT OperationConfiguration Using External Authentication Servers Lab: Network Address Translation Verification and Monitoring Verifying Firewall User Authentication Secure VPN RequirementsLab: Configuring Content and Web Filtering Lab: Configuring Firewall Authentication IPsec Details

Stages and Types of Attacks Configuration of IPsec VPNsUsing Junos SCREEN IPsec VPN Monitoring

line Options—Reconnaissance Attack Lab: Implementing IPsec VPNs Traditional Security Handling IDP Policy Components and ConfigurationBreaking the Tradition Using Junos SCREEN Options—Denial Signature DatabaseThe Junos OS Architecture of Service Attack Handling Case Study: Applying the RecommendedZone Configuration Using Junos SCREEN IDP PolicyMonitoring Security Zones Options—Suspicious Packets Attack Monitoring IDP OperationLab: Configuring and Monitoring Zones Handling Lab: Implementing IDP Policy Components Applying and Monitoring SCREEN Chassis Cluster ComponentsVerifying Policy Operation Options Chassis Cluster OperationPolicy Scheduling and Rematching Lab: Implementing SCREEN Options Chassis Cluster ConfigurationPolicy Case Study Source NAT Operation and Configuration Chassis Cluster MonitoringLab: Security Policies Destination NAT Operation and Lab: Implementing Chassis Clusters Pass-Through Authentication Configuration UTM Feature OverviewWeb Authentication Static NAT Operation and Configuration Design BasicsClient Groups Proxy ARP Hardware SupportUsing External Authentication Servers Monitoring and Verifying NAT Operation Licensing of FeaturesVerifying Firewall User Authentication Lab: Network Address Translation Lab: Connecting to the Lab Equipment andLab: Configuring Firewall Authentication Secure VPN Requirements Testing Connectivity Stages and Types of Attacks IPsec Details Overview of Antispam ProcessUsing Junos SCREEN Configuration of IPsec VPNs UTM Policy OverviewOptions—Reconnaissance Attack Handling IPsec VPN Monitoring Configuration StepsUsing Junos SCREEN Options—Denial of Lab: Implementing IPsec VPNs Monitoring AntispamService Attack Handling IDP Policy Components and Lab: Configuring an Antispam Policy Using Junos SCREEN Options—Suspicious Configuration Overview of Antivirus ProcessPackets Attack Handling Signature Database AV OperationApplying and Monitoring SCREEN Options Case Study: Applying the Recommended Full File-based AV ConfigurationLab: Implementing SCREEN Options IDP Policy Express AV ConfigurationSource NAT Operation and Configuration Monitoring IDP Operation Monitoring AVDestination NAT Operation and Lab: Implementing IDP Lab: Antivirus Configuration and Testing Configuration Chassis Cluster Components ConfigurationStatic NAT Operation and Configuration Chassis Cluster Operation Verification and MonitoringProxy ARP Chassis Cluster Configuration Lab: Configuring Content and WebMonitoring and Verifying NAT Operation Chassis Cluster Monitoring Filtering Lab: Network Address Translation Lab: Implementing Chassis Clusters Secure VPN Requirements UTM Feature Overview


IPsec Details Design Basics lineConfiguration of IPsec VPNs Hardware Support Traditional SecurityIPsec VPN Monitoring Licensing of Features Breaking the TraditionLab: Implementing IPsec VPNs Lab: Connecting to the Lab Equipment The Junos OS Architecture IDP Policy Components and Configuration and Testing Connectivity Zone ConfigurationSignature Database Overview of Antispam Process Monitoring Security ZonesCase Study: Applying the Recommended UTM Policy Overview Lab: Configuring and Monitoring Zones IDP Policy Configuration Steps Policy ComponentsMonitoring IDP Operation Monitoring Antispam Verifying Policy OperationLab: Implementing IDP Lab: Configuring an Antispam Policy Policy Scheduling and RematchingChassis Cluster Components Overview of Antivirus Process Policy Case StudyChassis Cluster Operation AV Operation Lab: Security Policies Chassis Cluster Configuration Full File-based AV Configuration Pass-Through AuthenticationChassis Cluster Monitoring Express AV Configuration Web AuthenticationLab: Implementing Chassis Clusters Monitoring AV Client GroupsUTM Feature Overview Lab: Antivirus Configuration and Testing Using External Authentication ServersDesign Basics Configuration Verifying Firewall User AuthenticationHardware Support Verification and Monitoring Lab: Configuring Firewall Authentication Licensing of Features Lab: Configuring Content and Web Stages and Types of AttacksLab: Connecting to the Lab Equipment and Filtering Using Junos SCREENTesting Connectivity Options—Reconnaissance AttackOverview of Antispam Process Introduction to Intrusion Detection and HandlingUTM Policy Overview Prevention Using Junos SCREEN Options—Denial ofConfiguration Steps line Service Attack HandlingMonitoring Antispam Introduction to Junos IDP Using Junos SCREENLab: Configuring an Antispam Policy Options—Suspicious Packets AttackOverview of Antivirus Process HandlingAV Operation line Applying and Monitoring SCREEN OptionsFull File-based AV Configuration Traditional Security Lab: Implementing SCREEN Options Express AV Configuration Breaking the Tradition Source NAT Operation and ConfigurationMonitoring AV The Junos OS Architecture Destination NAT Operation andLab: Antivirus Configuration and Testing Zone Configuration ConfigurationConfiguration Monitoring Security Zones Static NAT Operation and ConfigurationVerification and Monitoring Lab: Configuring and Monitoring Zones Proxy ARPLab: Configuring Content and Web Filtering Policy Components Monitoring and Verifying NAT Operation

Verifying Policy Operation Lab: Network Address Translation Policy Scheduling and Rematching Secure VPN Requirements

line Policy Case Study IPsec DetailsTraditional Security Lab: Security Policies Configuration of IPsec VPNsBreaking the Tradition Pass-Through Authentication IPsec VPN MonitoringThe Junos OS Architecture Web Authentication Lab: Implementing IPsec VPNs Zone Configuration Client Groups IDP Policy Components and ConfigurationMonitoring Security Zones Using External Authentication Servers Signature DatabaseLab: Configuring and Monitoring Zones Verifying Firewall User Authentication Case Study: Applying the RecommendedPolicy Components Lab: Configuring Firewall Authentication IDP PolicyVerifying Policy Operation Stages and Types of Attacks Monitoring IDP OperationPolicy Scheduling and Rematching Using Junos SCREEN Lab: Implementing IDP Policy Case Study Options—Reconnaissance Attack Chassis Cluster ComponentsLab: Security Policies Handling Chassis Cluster OperationPass-Through Authentication Using Junos SCREEN Options—Denial Chassis Cluster ConfigurationWeb Authentication of Service Attack Handling Chassis Cluster MonitoringClient Groups Using Junos SCREEN Lab: Implementing Chassis Clusters Using External Authentication Servers Options—Suspicious Packets Attack UTM Feature OverviewVerifying Firewall User Authentication Handling Design BasicsLab: Configuring Firewall Authentication Applying and Monitoring SCREEN Hardware SupportStages and Types of Attacks Options Licensing of FeaturesUsing Junos SCREEN Lab: Implementing SCREEN Options Lab: Connecting to the Lab Equipment andOptions—Reconnaissance Attack Handling Source NAT Operation and Configuration Testing Connectivity Using Junos SCREEN Options—Denial of Destination NAT Operation and Overview of Antispam ProcessService Attack Handling Configuration UTM Policy OverviewUsing Junos SCREEN Options—Suspicious Static NAT Operation and Configuration Configuration StepsPackets Attack Handling Proxy ARP Monitoring AntispamApplying and Monitoring SCREEN Options Monitoring and Verifying NAT Operation Lab: Configuring an Antispam Policy Lab: Implementing SCREEN Options Lab: Network Address Translation Overview of Antivirus ProcessSource NAT Operation and Configuration Secure VPN Requirements AV OperationDestination NAT Operation and IPsec Details Full File-based AV Configuration


Configuration Configuration of IPsec VPNs Express AV ConfigurationStatic NAT Operation and Configuration IPsec VPN Monitoring Monitoring AVProxy ARP Lab: Implementing IPsec VPNs Lab: Antivirus Configuration and Testing Monitoring and Verifying NAT Operation IDP Policy Components and ConfigurationLab: Network Address Translation Configuration Verification and MonitoringSecure VPN Requirements Signature Database Lab: Configuring Content and WebIPsec Details Case Study: Applying the Recommended Filtering Configuration of IPsec VPNs IDP PolicyIPsec VPN Monitoring Monitoring IDP OperationLab: Implementing IPsec VPNs Lab: Implementing IDP lineIDP Policy Components and Configuration Chassis Cluster Components Traditional SecuritySignature Database Chassis Cluster Operation Breaking the TraditionCase Study: Applying the Recommended Chassis Cluster Configuration The Junos OS Architecture IDP Policy Chassis Cluster Monitoring Zone ConfigurationMonitoring IDP Operation Lab: Implementing Chassis Clusters Monitoring Security ZonesLab: Implementing IDP UTM Feature Overview Lab: Configuring and Monitoring Zones Chassis Cluster Components Design Basics Policy ComponentsChassis Cluster Operation Hardware Support Verifying Policy OperationChassis Cluster Configuration Licensing of Features Policy Scheduling and RematchingChassis Cluster Monitoring Lab: Connecting to the Lab Equipment Policy Case StudyLab: Implementing Chassis Clusters and Testing Connectivity Lab: Security Policies UTM Feature Overview Overview of Antispam Process Pass-Through AuthenticationDesign Basics UTM Policy Overview Web AuthenticationHardware Support Configuration Steps Client GroupsLicensing of Features Monitoring Antispam Using External Authentication ServersLab: Connecting to the Lab Equipment and Lab: Configuring an Antispam Policy Verifying Firewall User AuthenticationTesting Connectivity Overview of Antivirus Process Lab: Configuring Firewall Authentication Overview of Antispam Process AV Operation Stages and Types of AttacksUTM Policy Overview Full File-based AV Configuration Using Junos SCREENConfiguration Steps Express AV Configuration Options—Reconnaissance AttackMonitoring Antispam Monitoring AV HandlingLab: Configuring an Antispam Policy Lab: Antivirus Configuration and Testing Using Junos SCREEN Options—Denial ofOverview of Antivirus Process Configuration Service Attack HandlingAV Operation Verification and Monitoring Using Junos SCREENFull File-based AV Configuration Lab: Configuring Content and Web Options—Suspicious Packets AttackExpress AV Configuration Filtering HandlingMonitoring AV Applying and Monitoring SCREEN OptionsLab: Antivirus Configuration and Testing Lab: Implementing SCREEN Options Configuration line Source NAT Operation and ConfigurationVerification and Monitoring Traditional Security Destination NAT Operation andLab: Configuring Content and Web Filtering Breaking the Tradition Configuration

The Junos OS Architecture Static NAT Operation and ConfigurationZone Configuration Proxy ARP

line Monitoring Security Zones Monitoring and Verifying NAT OperationTraditional Security Lab: Configuring and Monitoring Zones Lab: Network Address Translation Breaking the Tradition Policy Components Secure VPN RequirementsThe Junos OS Architecture Verifying Policy Operation IPsec DetailsZone Configuration Policy Scheduling and Rematching Configuration of IPsec VPNsMonitoring Security Zones Policy Case Study IPsec VPN MonitoringLab: Configuring and Monitoring Zones Lab: Security Policies Lab: Implementing IPsec VPNs Policy Components Pass-Through Authentication IDP Policy Components and ConfigurationVerifying Policy Operation Web Authentication Signature DatabasePolicy Scheduling and Rematching Client Groups Case Study: Applying the RecommendedPolicy Case Study Using External Authentication Servers IDP PolicyLab: Security Policies Verifying Firewall User Authentication Monitoring IDP OperationPass-Through Authentication Lab: Configuring Firewall Authentication Lab: Implementing IDP Web Authentication Stages and Types of Attacks Chassis Cluster ComponentsClient Groups Using Junos SCREEN Chassis Cluster OperationUsing External Authentication Servers Options—Reconnaissance Attack Chassis Cluster ConfigurationVerifying Firewall User Authentication Handling Chassis Cluster MonitoringLab: Configuring Firewall Authentication Using Junos SCREEN Options—Denial Lab: Implementing Chassis Clusters Stages and Types of Attacks of Service Attack Handling UTM Feature OverviewUsing Junos SCREEN Using Junos SCREEN Design BasicsOptions—Reconnaissance Attack Handling Options—Suspicious Packets Attack Hardware SupportUsing Junos SCREEN Options—Denial of Handling Licensing of FeaturesService Attack Handling Applying and Monitoring SCREEN Lab: Connecting to the Lab Equipment and


Using Junos SCREEN Options—Suspicious Options Testing Connectivity Packets Attack Handling Lab: Implementing SCREEN Options Overview of Antispam ProcessApplying and Monitoring SCREEN Options Source NAT Operation and Configuration UTM Policy OverviewLab: Implementing SCREEN Options Destination NAT Operation and Configuration StepsSource NAT Operation and Configuration Configuration Monitoring AntispamDestination NAT Operation and Static NAT Operation and Configuration Lab: Configuring an Antispam Policy Configuration Proxy ARP Overview of Antivirus ProcessStatic NAT Operation and Configuration Monitoring and Verifying NAT Operation AV OperationProxy ARP Lab: Network Address Translation Full File-based AV ConfigurationMonitoring and Verifying NAT Operation Secure VPN Requirements Express AV ConfigurationLab: Network Address Translation IPsec Details Monitoring AVSecure VPN Requirements Configuration of IPsec VPNs Lab: Antivirus Configuration and Testing IPsec Details IPsec VPN Monitoring ConfigurationConfiguration of IPsec VPNs Lab: Implementing IPsec VPNs Verification and MonitoringIPsec VPN Monitoring IDP Policy Components and Lab: Configuring Content and WebLab: Implementing IPsec VPNs Configuration Filtering IDP Policy Components and Configuration Signature DatabaseSignature Database Case Study: Applying the RecommendedCase Study: Applying the Recommended IDP Policy lineIDP Policy Monitoring IDP Operation Traditional SecurityMonitoring IDP Operation Lab: Implementing IDP Breaking the TraditionLab: Implementing IDP Chassis Cluster Components The Junos OS Architecture Chassis Cluster Components Chassis Cluster Operation Zone ConfigurationChassis Cluster Operation Chassis Cluster Configuration Monitoring Security ZonesChassis Cluster Configuration Chassis Cluster Monitoring Lab: Configuring and Monitoring Zones Chassis Cluster Monitoring Lab: Implementing Chassis Clusters Policy ComponentsLab: Implementing Chassis Clusters UTM Feature Overview Verifying Policy OperationUTM Feature Overview Design Basics Policy Scheduling and RematchingDesign Basics Hardware Support Policy Case StudyHardware Support Licensing of Features Lab: Security Policies Licensing of Features Lab: Connecting to the Lab Equipment Pass-Through AuthenticationLab: Connecting to the Lab Equipment and and Testing Connectivity Web AuthenticationTesting Connectivity Overview of Antispam Process Client GroupsOverview of Antispam Process UTM Policy Overview Using External Authentication ServersUTM Policy Overview Configuration Steps Verifying Firewall User AuthenticationConfiguration Steps Monitoring Antispam Lab: Configuring Firewall Authentication Monitoring Antispam Lab: Configuring an Antispam Policy Stages and Types of AttacksLab: Configuring an Antispam Policy Overview of Antivirus Process Using Junos SCREENOverview of Antivirus Process AV Operation Options—Reconnaissance AttackAV Operation Full File-based AV Configuration HandlingFull File-based AV Configuration Express AV Configuration Using Junos SCREEN Options—Denial ofExpress AV Configuration Monitoring AV Service Attack HandlingMonitoring AV Lab: Antivirus Configuration and Testing Using Junos SCREENLab: Antivirus Configuration and Testing Configuration Options—Suspicious Packets AttackConfiguration Verification and Monitoring HandlingVerification and Monitoring Lab: Configuring Content and Web Applying and Monitoring SCREEN OptionsLab: Configuring Content and Web Filtering Filtering Lab: Implementing SCREEN Options

Source NAT Operation and ConfigurationDestination NAT Operation and

line line ConfigurationTraditional Security Traditional Security Static NAT Operation and ConfigurationBreaking the Tradition Breaking the Tradition Proxy ARPThe Junos OS Architecture The Junos OS Architecture Monitoring and Verifying NAT OperationZone Configuration Zone Configuration Lab: Network Address Translation Monitoring Security Zones Monitoring Security Zones Secure VPN RequirementsLab: Configuring and Monitoring Zones Lab: Configuring and Monitoring Zones IPsec DetailsPolicy Components Policy Components Configuration of IPsec VPNsVerifying Policy Operation Verifying Policy Operation IPsec VPN MonitoringPolicy Scheduling and Rematching Policy Scheduling and Rematching Lab: Implementing IPsec VPNs Policy Case Study Policy Case Study IDP Policy Components and ConfigurationLab: Security Policies Lab: Security Policies Signature DatabasePass-Through Authentication Pass-Through Authentication Case Study: Applying the RecommendedWeb Authentication Web Authentication IDP PolicyClient Groups Client Groups Monitoring IDP OperationUsing External Authentication Servers Using External Authentication Servers Lab: Implementing IDP Verifying Firewall User Authentication Verifying Firewall User Authentication Chassis Cluster Components


Lab: Configuring Firewall Authentication Lab: Configuring Firewall Authentication Chassis Cluster OperationStages and Types of Attacks Stages and Types of Attacks Chassis Cluster ConfigurationUsing Junos SCREEN Using Junos SCREEN Chassis Cluster MonitoringOptions—Reconnaissance Attack Handling Options—Reconnaissance Attack Lab: Implementing Chassis Clusters Using Junos SCREEN Options—Denial of Handling UTM Feature OverviewService Attack Handling Using Junos SCREEN Options—Denial Design BasicsUsing Junos SCREEN Options—Suspicious of Service Attack Handling Hardware SupportPackets Attack Handling Using Junos SCREEN Licensing of FeaturesApplying and Monitoring SCREEN Options Options—Suspicious Packets Attack Lab: Connecting to the Lab Equipment andLab: Implementing SCREEN Options Handling Testing Connectivity Source NAT Operation and Configuration Applying and Monitoring SCREEN Overview of Antispam ProcessDestination NAT Operation and Options UTM Policy OverviewConfiguration Lab: Implementing SCREEN Options Configuration StepsStatic NAT Operation and Configuration Source NAT Operation and Configuration Monitoring AntispamProxy ARP Destination NAT Operation and Lab: Configuring an Antispam Policy Monitoring and Verifying NAT Operation Configuration Overview of Antivirus ProcessLab: Network Address Translation Static NAT Operation and Configuration AV OperationSecure VPN Requirements Proxy ARP Full File-based AV ConfigurationIPsec Details Monitoring and Verifying NAT Operation Express AV ConfigurationConfiguration of IPsec VPNs Lab: Network Address Translation Monitoring AVIPsec VPN Monitoring Secure VPN Requirements Lab: Antivirus Configuration and Testing Lab: Implementing IPsec VPNs IPsec Details ConfigurationIDP Policy Components and Configuration Configuration of IPsec VPNs Verification and MonitoringSignature Database IPsec VPN Monitoring Lab: Configuring Content and WebCase Study: Applying the Recommended Lab: Implementing IPsec VPNs Filtering IDP Policy IDP Policy Components andMonitoring IDP Operation ConfigurationLab: Implementing IDP Signature Database lineChassis Cluster Components Case Study: Applying the Recommended Traditional SecurityChassis Cluster Operation IDP Policy Breaking the TraditionChassis Cluster Configuration Monitoring IDP Operation The Junos OS Architecture Chassis Cluster Monitoring Lab: Implementing IDP Zone ConfigurationLab: Implementing Chassis Clusters Chassis Cluster Components Monitoring Security ZonesUTM Feature Overview Chassis Cluster Operation Lab: Configuring and Monitoring Zones Design Basics Chassis Cluster Configuration Policy ComponentsHardware Support Chassis Cluster Monitoring Verifying Policy OperationLicensing of Features Lab: Implementing Chassis Clusters Policy Scheduling and RematchingLab: Connecting to the Lab Equipment and UTM Feature Overview Policy Case StudyTesting Connectivity Design Basics Lab: Security Policies Overview of Antispam Process Hardware Support Pass-Through AuthenticationUTM Policy Overview Licensing of Features Web AuthenticationConfiguration Steps Lab: Connecting to the Lab Equipment Client GroupsMonitoring Antispam and Testing Connectivity Using External Authentication ServersLab: Configuring an Antispam Policy Overview of Antispam Process Verifying Firewall User AuthenticationOverview of Antivirus Process UTM Policy Overview Lab: Configuring Firewall Authentication AV Operation Configuration Steps Stages and Types of AttacksFull File-based AV Configuration Monitoring Antispam Using Junos SCREENExpress AV Configuration Lab: Configuring an Antispam Policy Options—Reconnaissance AttackMonitoring AV Overview of Antivirus Process HandlingLab: Antivirus Configuration and Testing AV Operation Using Junos SCREEN Options—Denial ofConfiguration Full File-based AV Configuration Service Attack HandlingVerification and Monitoring Express AV Configuration Using Junos SCREENLab: Configuring Content and Web Filtering Monitoring AV Options—Suspicious Packets Attack

Lab: Antivirus Configuration and Testing HandlingSCREEN Options Configuration Applying and Monitoring SCREEN Optionsline Verification and Monitoring Lab: Implementing SCREEN Options

Multilayer Network Protection Lab: Configuring Content and Web Source NAT Operation and ConfigurationFiltering Destination NAT Operation and

Configurationline Static NAT Operation and Configuration

Traditional Security line Proxy ARPBreaking the Tradition Traditional Security Monitoring and Verifying NAT OperationThe Junos OS Architecture Breaking the Tradition Lab: Network Address Translation Zone Configuration The Junos OS Architecture Secure VPN RequirementsMonitoring Security Zones Zone Configuration IPsec DetailsLab: Configuring and Monitoring Zones Monitoring Security Zones Configuration of IPsec VPNs


Policy Components Lab: Configuring and Monitoring Zones IPsec VPN MonitoringVerifying Policy Operation Policy Components Lab: Implementing IPsec VPNs Policy Scheduling and Rematching Verifying Policy Operation IDP Policy Components and ConfigurationPolicy Case Study Policy Scheduling and Rematching Signature DatabaseLab: Security Policies Policy Case Study Case Study: Applying the RecommendedPass-Through Authentication Lab: Security Policies IDP PolicyWeb Authentication Pass-Through Authentication Monitoring IDP OperationClient Groups Web Authentication Lab: Implementing IDP Using External Authentication Servers Client Groups Chassis Cluster ComponentsVerifying Firewall User Authentication Using External Authentication Servers Chassis Cluster OperationLab: Configuring Firewall Authentication Verifying Firewall User Authentication Chassis Cluster ConfigurationStages and Types of Attacks Lab: Configuring Firewall Authentication Chassis Cluster MonitoringUsing Junos SCREEN Stages and Types of Attacks Lab: Implementing Chassis Clusters Options—Reconnaissance Attack Handling Using Junos SCREEN UTM Feature OverviewUsing Junos SCREEN Options—Denial of Options—Reconnaissance Attack Design BasicsService Attack Handling Handling Hardware SupportUsing Junos SCREEN Options—Suspicious Using Junos SCREEN Options—Denial Licensing of FeaturesPackets Attack Handling of Service Attack Handling Lab: Connecting to the Lab Equipment andApplying and Monitoring SCREEN Options Using Junos SCREEN Testing Connectivity Lab: Implementing SCREEN Options Options—Suspicious Packets Attack Overview of Antispam ProcessSource NAT Operation and Configuration Handling UTM Policy OverviewDestination NAT Operation and Applying and Monitoring SCREEN Configuration StepsConfiguration Options Monitoring AntispamStatic NAT Operation and Configuration Lab: Implementing SCREEN Options Lab: Configuring an Antispam Policy Proxy ARP Source NAT Operation and Configuration Overview of Antivirus ProcessMonitoring and Verifying NAT Operation Destination NAT Operation and AV OperationLab: Network Address Translation Configuration Full File-based AV ConfigurationSecure VPN Requirements Static NAT Operation and Configuration Express AV ConfigurationIPsec Details Proxy ARP Monitoring AVConfiguration of IPsec VPNs Monitoring and Verifying NAT Operation Lab: Antivirus Configuration and Testing IPsec VPN Monitoring Lab: Network Address Translation ConfigurationLab: Implementing IPsec VPNs Secure VPN Requirements Verification and MonitoringIDP Policy Components and Configuration IPsec Details Lab: Configuring Content and WebSignature Database Configuration of IPsec VPNs Filtering Case Study: Applying the Recommended IPsec VPN MonitoringIDP Policy Lab: Implementing IPsec VPNs Content and Web FilteringMonitoring IDP Operation IDP Policy Components and lineLab: Implementing IDP Configuration Overview and TerminologyChassis Cluster Components Signature DatabaseChassis Cluster Operation Case Study: Applying the RecommendedChassis Cluster Configuration IDP Policy lineChassis Cluster Monitoring Monitoring IDP Operation Traditional SecurityLab: Implementing Chassis Clusters Lab: Implementing IDP Breaking the TraditionUTM Feature Overview Chassis Cluster Components The Junos OS Architecture Design Basics Chassis Cluster Operation Zone ConfigurationHardware Support Chassis Cluster Configuration Monitoring Security ZonesLicensing of Features Chassis Cluster Monitoring Lab: Configuring and Monitoring Zones Lab: Connecting to the Lab Equipment and Lab: Implementing Chassis Clusters Policy ComponentsTesting Connectivity UTM Feature Overview Verifying Policy OperationOverview of Antispam Process Design Basics Policy Scheduling and RematchingUTM Policy Overview Hardware Support Policy Case StudyConfiguration Steps Licensing of Features Lab: Security Policies Monitoring Antispam Lab: Connecting to the Lab Equipment Pass-Through AuthenticationLab: Configuring an Antispam Policy and Testing Connectivity Web AuthenticationOverview of Antivirus Process Overview of Antispam Process Client GroupsAV Operation UTM Policy Overview Using External Authentication ServersFull File-based AV Configuration Configuration Steps Verifying Firewall User AuthenticationExpress AV Configuration Monitoring Antispam Lab: Configuring Firewall Authentication Monitoring AV Lab: Configuring an Antispam Policy Stages and Types of AttacksLab: Antivirus Configuration and Testing Overview of Antivirus Process Using Junos SCREENConfiguration AV Operation Options—Reconnaissance AttackVerification and Monitoring Full File-based AV Configuration HandlingLab: Configuring Content and Web Filtering Express AV Configuration Using Junos SCREEN Options—Denial of

Monitoring AV Service Attack HandlingLab: Antivirus Configuration and Testing Using Junos SCREEN

line Configuration Options—Suspicious Packets Attack


Traditional Security Verification and Monitoring HandlingBreaking the Tradition Lab: Configuring Content and Web Applying and Monitoring SCREEN OptionsThe Junos OS Architecture Filtering Lab: Implementing SCREEN Options Zone Configuration Source NAT Operation and ConfigurationMonitoring Security Zones Destination NAT Operation andLab: Configuring and Monitoring Zones line ConfigurationPolicy Components Traditional Security Static NAT Operation and ConfigurationVerifying Policy Operation Breaking the Tradition Proxy ARPPolicy Scheduling and Rematching The Junos OS Architecture Monitoring and Verifying NAT OperationPolicy Case Study Zone Configuration Lab: Network Address Translation Lab: Security Policies Monitoring Security Zones Secure VPN RequirementsPass-Through Authentication Lab: Configuring and Monitoring Zones IPsec DetailsWeb Authentication Policy Components Configuration of IPsec VPNsClient Groups Verifying Policy Operation IPsec VPN MonitoringUsing External Authentication Servers Policy Scheduling and Rematching Lab: Implementing IPsec VPNs Verifying Firewall User Authentication Policy Case Study IDP Policy Components and ConfigurationLab: Configuring Firewall Authentication Lab: Security Policies Signature DatabaseStages and Types of Attacks Pass-Through Authentication Case Study: Applying the RecommendedUsing Junos SCREEN Web Authentication IDP PolicyOptions—Reconnaissance Attack Handling Client Groups Monitoring IDP OperationUsing Junos SCREEN Options—Denial of Using External Authentication Servers Lab: Implementing IDP Service Attack Handling Verifying Firewall User Authentication Chassis Cluster ComponentsUsing Junos SCREEN Options—Suspicious Lab: Configuring Firewall Authentication Chassis Cluster OperationPackets Attack Handling Stages and Types of Attacks Chassis Cluster ConfigurationApplying and Monitoring SCREEN Options Using Junos SCREEN Chassis Cluster MonitoringLab: Implementing SCREEN Options Options—Reconnaissance Attack Lab: Implementing Chassis Clusters Source NAT Operation and Configuration Handling UTM Feature OverviewDestination NAT Operation and Using Junos SCREEN Options—Denial Design BasicsConfiguration of Service Attack Handling Hardware SupportStatic NAT Operation and Configuration Using Junos SCREEN Licensing of FeaturesProxy ARP Options—Suspicious Packets Attack Lab: Connecting to the Lab Equipment andMonitoring and Verifying NAT Operation Handling Testing Connectivity Lab: Network Address Translation Applying and Monitoring SCREEN Overview of Antispam ProcessSecure VPN Requirements Options UTM Policy OverviewIPsec Details Lab: Implementing SCREEN Options Configuration StepsConfiguration of IPsec VPNs Source NAT Operation and Configuration Monitoring AntispamIPsec VPN Monitoring Destination NAT Operation and Lab: Configuring an Antispam Policy Lab: Implementing IPsec VPNs Configuration Overview of Antivirus ProcessIDP Policy Components and Configuration Static NAT Operation and Configuration AV OperationSignature Database Proxy ARP Full File-based AV ConfigurationCase Study: Applying the Recommended Monitoring and Verifying NAT Operation Express AV ConfigurationIDP Policy Lab: Network Address Translation Monitoring AVMonitoring IDP Operation Secure VPN Requirements Lab: Antivirus Configuration and Testing Lab: Implementing IDP IPsec Details ConfigurationChassis Cluster Components Configuration of IPsec VPNs Verification and MonitoringChassis Cluster Operation IPsec VPN Monitoring Lab: Configuring Content and WebChassis Cluster Configuration Lab: Implementing IPsec VPNs Filtering Chassis Cluster Monitoring IDP Policy Components andLab: Implementing Chassis Clusters ConfigurationUTM Feature Overview Signature Database lineDesign Basics Case Study: Applying the Recommended Traditional SecurityHardware Support IDP Policy Breaking the TraditionLicensing of Features Monitoring IDP Operation The Junos OS Architecture Lab: Connecting to the Lab Equipment and Lab: Implementing IDP Zone ConfigurationTesting Connectivity Chassis Cluster Components Monitoring Security ZonesOverview of Antispam Process Chassis Cluster Operation Lab: Configuring and Monitoring Zones UTM Policy Overview Chassis Cluster Configuration Policy ComponentsConfiguration Steps Chassis Cluster Monitoring Verifying Policy OperationMonitoring Antispam Lab: Implementing Chassis Clusters Policy Scheduling and RematchingLab: Configuring an Antispam Policy UTM Feature Overview Policy Case StudyOverview of Antivirus Process Design Basics Lab: Security Policies AV Operation Hardware Support Pass-Through AuthenticationFull File-based AV Configuration Licensing of Features Web AuthenticationExpress AV Configuration Lab: Connecting to the Lab Equipment Client GroupsMonitoring AV and Testing Connectivity Using External Authentication ServersLab: Antivirus Configuration and Testing Overview of Antispam Process Verifying Firewall User Authentication


Configuration UTM Policy Overview Lab: Configuring Firewall Authentication Verification and Monitoring Configuration Steps Stages and Types of AttacksLab: Configuring Content and Web Filtering Monitoring Antispam Using Junos SCREEN

Lab: Configuring an Antispam Policy Options—Reconnaissance AttackOverview of Antivirus Process Handling

line AV Operation Using Junos SCREEN Options—Denial ofTraditional Security Full File-based AV Configuration Service Attack HandlingBreaking the Tradition Express AV Configuration Using Junos SCREENThe Junos OS Architecture Monitoring AV Options—Suspicious Packets AttackZone Configuration Lab: Antivirus Configuration and Testing HandlingMonitoring Security Zones Configuration Applying and Monitoring SCREEN OptionsLab: Configuring and Monitoring Zones Verification and Monitoring Lab: Implementing SCREEN Options Policy Components Lab: Configuring Content and Web Source NAT Operation and ConfigurationVerifying Policy Operation Filtering Destination NAT Operation andPolicy Scheduling and Rematching ConfigurationPolicy Case Study High Availability Clustering Static NAT Operation and ConfigurationLab: Security Policies line Proxy ARPPass-Through Authentication High Availability Overview Monitoring and Verifying NAT OperationWeb Authentication Lab: Network Address Translation Client Groups Secure VPN RequirementsUsing External Authentication Servers line IPsec DetailsVerifying Firewall User Authentication Traditional Security Configuration of IPsec VPNsLab: Configuring Firewall Authentication Breaking the Tradition IPsec VPN MonitoringStages and Types of Attacks The Junos OS Architecture Lab: Implementing IPsec VPNs Using Junos SCREEN Zone Configuration IDP Policy Components and ConfigurationOptions—Reconnaissance Attack Handling Monitoring Security Zones Signature DatabaseUsing Junos SCREEN Options—Denial of Lab: Configuring and Monitoring Zones Case Study: Applying the RecommendedService Attack Handling Policy Components IDP PolicyUsing Junos SCREEN Options—Suspicious Verifying Policy Operation Monitoring IDP OperationPackets Attack Handling Policy Scheduling and Rematching Lab: Implementing IDP Applying and Monitoring SCREEN Options Policy Case Study Chassis Cluster ComponentsLab: Implementing SCREEN Options Lab: Security Policies Chassis Cluster OperationSource NAT Operation and Configuration Pass-Through Authentication Chassis Cluster ConfigurationDestination NAT Operation and Web Authentication Chassis Cluster MonitoringConfiguration Client Groups Lab: Implementing Chassis Clusters Static NAT Operation and Configuration Using External Authentication Servers UTM Feature OverviewProxy ARP Verifying Firewall User Authentication Design BasicsMonitoring and Verifying NAT Operation Lab: Configuring Firewall Authentication Hardware SupportLab: Network Address Translation Stages and Types of Attacks Licensing of FeaturesSecure VPN Requirements Using Junos SCREEN Lab: Connecting to the Lab Equipment andIPsec Details Options—Reconnaissance Attack Testing Connectivity Configuration of IPsec VPNs Handling Overview of Antispam ProcessIPsec VPN Monitoring Using Junos SCREEN Options—Denial UTM Policy OverviewLab: Implementing IPsec VPNs of Service Attack Handling Configuration StepsIDP Policy Components and Configuration Using Junos SCREEN Monitoring AntispamSignature Database Options—Suspicious Packets Attack Lab: Configuring an Antispam Policy Case Study: Applying the Recommended Handling Overview of Antivirus ProcessIDP Policy Applying and Monitoring SCREEN AV OperationMonitoring IDP Operation Options Full File-based AV ConfigurationLab: Implementing IDP Lab: Implementing SCREEN Options Express AV ConfigurationChassis Cluster Components Source NAT Operation and Configuration Monitoring AVChassis Cluster Operation Destination NAT Operation and Lab: Antivirus Configuration and Testing Chassis Cluster Configuration Configuration ConfigurationChassis Cluster Monitoring Static NAT Operation and Configuration Verification and MonitoringLab: Implementing Chassis Clusters Proxy ARP Lab: Configuring Content and WebUTM Feature Overview Monitoring and Verifying NAT Operation Filtering Design Basics Lab: Network Address Translation Hardware Support Secure VPN RequirementsLicensing of Features IPsec Details lineLab: Connecting to the Lab Equipment and Configuration of IPsec VPNs Traditional SecurityTesting Connectivity IPsec VPN Monitoring Breaking the TraditionOverview of Antispam Process Lab: Implementing IPsec VPNs The Junos OS Architecture UTM Policy Overview IDP Policy Components and Zone ConfigurationConfiguration Steps Configuration Monitoring Security ZonesMonitoring Antispam Signature Database Lab: Configuring and Monitoring Zones Lab: Configuring an Antispam Policy Case Study: Applying the Recommended Policy Components


Overview of Antivirus Process IDP Policy Verifying Policy OperationAV Operation Monitoring IDP Operation Policy Scheduling and RematchingFull File-based AV Configuration Lab: Implementing IDP Policy Case StudyExpress AV Configuration Chassis Cluster Components Lab: Security Policies Monitoring AV Chassis Cluster Operation Pass-Through AuthenticationLab: Antivirus Configuration and Testing Chassis Cluster Configuration Web AuthenticationConfiguration Chassis Cluster Monitoring Client GroupsVerification and Monitoring Lab: Implementing Chassis Clusters Using External Authentication ServersLab: Configuring Content and Web Filtering UTM Feature Overview Verifying Firewall User Authentication

Design Basics Lab: Configuring Firewall Authentication Hardware Support Stages and Types of Attacks

line Licensing of Features Using Junos SCREENTraditional Security Lab: Connecting to the Lab Equipment Options—Reconnaissance AttackBreaking the Tradition and Testing Connectivity HandlingThe Junos OS Architecture Overview of Antispam Process Using Junos SCREEN Options—Denial ofZone Configuration UTM Policy Overview Service Attack HandlingMonitoring Security Zones Configuration Steps Using Junos SCREENLab: Configuring and Monitoring Zones Monitoring Antispam Options—Suspicious Packets AttackPolicy Components Lab: Configuring an Antispam Policy HandlingVerifying Policy Operation Overview of Antivirus Process Applying and Monitoring SCREEN OptionsPolicy Scheduling and Rematching AV Operation Lab: Implementing SCREEN Options Policy Case Study Full File-based AV Configuration Source NAT Operation and ConfigurationLab: Security Policies Express AV Configuration Destination NAT Operation andPass-Through Authentication Monitoring AV ConfigurationWeb Authentication Lab: Antivirus Configuration and Testing Static NAT Operation and ConfigurationClient Groups Configuration Proxy ARPUsing External Authentication Servers Verification and Monitoring Monitoring and Verifying NAT OperationVerifying Firewall User Authentication Lab: Configuring Content and Web Lab: Network Address Translation Lab: Configuring Firewall Authentication Filtering Secure VPN RequirementsStages and Types of Attacks IPsec DetailsUsing Junos SCREEN Configuration of IPsec VPNsOptions—Reconnaissance Attack Handling line IPsec VPN MonitoringUsing Junos SCREEN Options—Denial of Traditional Security Lab: Implementing IPsec VPNs Service Attack Handling Breaking the Tradition IDP Policy Components and ConfigurationUsing Junos SCREEN Options—Suspicious The Junos OS Architecture Signature DatabasePackets Attack Handling Zone Configuration Case Study: Applying the RecommendedApplying and Monitoring SCREEN Options Monitoring Security Zones IDP PolicyLab: Implementing SCREEN Options Lab: Configuring and Monitoring Zones Monitoring IDP OperationSource NAT Operation and Configuration Policy Components Lab: Implementing IDP Destination NAT Operation and Verifying Policy Operation Chassis Cluster ComponentsConfiguration Policy Scheduling and Rematching Chassis Cluster OperationStatic NAT Operation and Configuration Policy Case Study Chassis Cluster ConfigurationProxy ARP Lab: Security Policies Chassis Cluster MonitoringMonitoring and Verifying NAT Operation Pass-Through Authentication Lab: Implementing Chassis Clusters Lab: Network Address Translation Web Authentication UTM Feature OverviewSecure VPN Requirements Client Groups Design BasicsIPsec Details Using External Authentication Servers Hardware SupportConfiguration of IPsec VPNs Verifying Firewall User Authentication Licensing of FeaturesIPsec VPN Monitoring Lab: Configuring Firewall Authentication Lab: Connecting to the Lab Equipment andLab: Implementing IPsec VPNs Stages and Types of Attacks Testing Connectivity IDP Policy Components and Configuration Using Junos SCREEN Overview of Antispam ProcessSignature Database Options—Reconnaissance Attack UTM Policy OverviewCase Study: Applying the Recommended Handling Configuration StepsIDP Policy Using Junos SCREEN Options—Denial Monitoring AntispamMonitoring IDP Operation of Service Attack Handling Lab: Configuring an Antispam Policy Lab: Implementing IDP Using Junos SCREEN Overview of Antivirus ProcessChassis Cluster Components Options—Suspicious Packets Attack AV OperationChassis Cluster Operation Handling Full File-based AV ConfigurationChassis Cluster Configuration Applying and Monitoring SCREEN Express AV ConfigurationChassis Cluster Monitoring Options Monitoring AVLab: Implementing Chassis Clusters Lab: Implementing SCREEN Options Lab: Antivirus Configuration and Testing UTM Feature Overview Source NAT Operation and Configuration ConfigurationDesign Basics Destination NAT Operation and Verification and MonitoringHardware Support Configuration Lab: Configuring Content and WebLicensing of Features Static NAT Operation and Configuration Filtering Lab: Connecting to the Lab Equipment and Proxy ARP


Testing Connectivity Monitoring and Verifying NAT OperationOverview of Antispam Process Lab: Network Address Translation UTM Policy Overview Secure VPN RequirementsConfiguration Steps IPsec DetailsMonitoring Antispam Configuration of IPsec VPNsLab: Configuring an Antispam Policy IPsec VPN MonitoringOverview of Antivirus Process Lab: Implementing IPsec VPNs AV Operation IDP Policy Components andFull File-based AV Configuration ConfigurationExpress AV Configuration Signature DatabaseMonitoring AV Case Study: Applying the RecommendedLab: Antivirus Configuration and Testing IDP PolicyConfiguration Monitoring IDP OperationVerification and Monitoring Lab: Implementing IDP Lab: Configuring Content and Web Filtering Chassis Cluster Components

Chassis Cluster OperationChassis Cluster ConfigurationChassis Cluster MonitoringLab: Implementing Chassis Clusters UTM Feature OverviewDesign BasicsHardware SupportLicensing of FeaturesLab: Connecting to the Lab Equipmentand Testing Connectivity Overview of Antispam ProcessUTM Policy OverviewConfiguration StepsMonitoring AntispamLab: Configuring an Antispam Policy Overview of Antivirus ProcessAV OperationFull File-based AV ConfigurationExpress AV ConfigurationMonitoring AVLab: Antivirus Configuration and Testing ConfigurationVerification and MonitoringLab: Configuring Content and WebFiltering

lineTraditional SecurityBreaking the TraditionThe Junos OS Architecture Zone ConfigurationMonitoring Security ZonesLab: Configuring and Monitoring Zones Policy ComponentsVerifying Policy OperationPolicy Scheduling and RematchingPolicy Case StudyLab: Security Policies Pass-Through AuthenticationWeb AuthenticationClient GroupsUsing External Authentication ServersVerifying Firewall User AuthenticationLab: Configuring Firewall Authentication Stages and Types of AttacksUsing Junos SCREENOptions—Reconnaissance AttackHandlingUsing Junos SCREEN Options—Denialof Service Attack Handling


Using Junos SCREENOptions—Suspicious Packets AttackHandlingApplying and Monitoring SCREENOptionsLab: Implementing SCREEN Options Source NAT Operation and ConfigurationDestination NAT Operation andConfigurationStatic NAT Operation and ConfigurationProxy ARPMonitoring and Verifying NAT OperationLab: Network Address Translation Secure VPN RequirementsIPsec DetailsConfiguration of IPsec VPNsIPsec VPN MonitoringLab: Implementing IPsec VPNs IDP Policy Components andConfigurationSignature DatabaseCase Study: Applying the RecommendedIDP PolicyMonitoring IDP OperationLab: Implementing IDP Chassis Cluster ComponentsChassis Cluster OperationChassis Cluster ConfigurationChassis Cluster MonitoringLab: Implementing Chassis Clusters UTM Feature OverviewDesign BasicsHardware SupportLicensing of FeaturesLab: Connecting to the Lab Equipmentand Testing Connectivity Overview of Antispam ProcessUTM Policy OverviewConfiguration StepsMonitoring AntispamLab: Configuring an Antispam Policy Overview of Antivirus ProcessAV OperationFull File-based AV ConfigurationExpress AV ConfigurationMonitoring AVLab: Antivirus Configuration and Testing ConfigurationVerification and MonitoringLab: Configuring Content and WebFiltering

lineTraditional SecurityBreaking the TraditionThe Junos OS Architecture Zone ConfigurationMonitoring Security ZonesLab: Configuring and Monitoring Zones Policy ComponentsVerifying Policy OperationPolicy Scheduling and RematchingPolicy Case StudyLab: Security Policies Pass-Through Authentication


Web AuthenticationClient GroupsUsing External Authentication ServersVerifying Firewall User AuthenticationLab: Configuring Firewall Authentication Stages and Types of AttacksUsing Junos SCREENOptions—Reconnaissance AttackHandlingUsing Junos SCREEN Options—Denialof Service Attack HandlingUsing Junos SCREENOptions—Suspicious Packets AttackHandlingApplying and Monitoring SCREENOptionsLab: Implementing SCREEN Options Source NAT Operation and ConfigurationDestination NAT Operation andConfigurationStatic NAT Operation and ConfigurationProxy ARPMonitoring and Verifying NAT OperationLab: Network Address Translation Secure VPN RequirementsIPsec DetailsConfiguration of IPsec VPNsIPsec VPN MonitoringLab: Implementing IPsec VPNs IDP Policy Components andConfigurationSignature DatabaseCase Study: Applying the RecommendedIDP PolicyMonitoring IDP OperationLab: Implementing IDP Chassis Cluster ComponentsChassis Cluster OperationChassis Cluster ConfigurationChassis Cluster MonitoringLab: Implementing Chassis Clusters UTM Feature OverviewDesign BasicsHardware SupportLicensing of FeaturesLab: Connecting to the Lab Equipmentand Testing Connectivity Overview of Antispam ProcessUTM Policy OverviewConfiguration StepsMonitoring AntispamLab: Configuring an Antispam Policy Overview of Antivirus ProcessAV OperationFull File-based AV ConfigurationExpress AV ConfigurationMonitoring AVLab: Antivirus Configuration and Testing ConfigurationVerification and MonitoringLab: Configuring Content and WebFiltering


Further Information:

For More information, or to book your course, please call us on Head Office 01189 123456 / Northern Office 0113 242 5931

[email protected]

www.globalknowledge.co.uk

Global Knowledge, Mulberry Business Park, Fishponds Road, Wokingham Berkshire RG41 2GY UK

http://www.globalknowledge.co.uk

Documents

JNCIS Security Certification Boot Camp (JSEC, JUTM) · 2017. 5. 18. · JSEC-JUTM [email protected] 01189 123456 JNCIS Security Certification Boot Camp (JSEC, JUTM) Duration: