
JUNIPER SECURING THE DATACENTER

Education Services Courseware

Securing the Data Center: Student Guide


Course SOT-DCD05F-ML5 © Juniper Networks, Inc. 2

NOTE: Please note this Student Guide has been developed from an audio narration. Therefore it will have conversational English. The purpose of this transcript is to help you follow the online presentation and may require reference to it.

Slide 1

© 2015 Juniper Networks, Inc. All rights reserved. www.juniper.net | 1CONFIDENTIAL SOT-DCD05F-ML5

Build the Best


Slide 2

© 2014 Juniper Networks, Inc. All rights reserved. | www.juniper.net | Proprietary and Confidential

Juniper Networks

Data Center Design

Best Practices

Securing the Data Center

Welcome to Juniper Networks “Securing the Data Center” eLearning module. In this course module, we will provide an overview of the Juniper Networks security products and capabilities for securing the data center.

Slide 3

Navigation

Throughout this module, you will find slides with valuable detailed information. You can stop any slide with the Pause button to study the details. You can also read the notes by using the Notes tab. You can click the Feedback link at any time to submit suggestions or corrections directly to the Juniper Networks eLearning team.

Slide 4

Course Objectives

After successfully completing this course, you will be able to:

• Provide an overview of Juniper’s SRX Series physical and virtual security products;
• Explore Juniper’s IPS capabilities; and
• Describe tools for network deployment, management, and troubleshooting.

Slide 5

Agenda: Securing the Data Center

This course consists of two sections. The two main sections are as follows:

• Physical and Virtual SRX Series Platforms; and
• An Overview of IPS, the Junos OS, Junos Space Security Director, and Secure Analytics.

Slide 6

Juniper Networks Data Center Design Best Practices

Physical and Virtual SRX Series Platforms

Slide 7

Section Objectives

After successfully completing this section, you will be able to:

• Provide an overview of Juniper’s SRX Series;
• Discuss Juniper’s control and data plane architecture; and
• Explore the features of the SRX Series physical and virtual platforms.

Slide 8

SRX Series Services Gateways

[Figure: the SRX Series portfolio on Junos OS, from Branch SRX and Virtual SRX (vSRX) to High-End SRX, covering branch, campus, and data center deployments at 1G, 10G, and 100G. Models shown: SRX100, SRX110, SRX210, SRX220, SRX240, SRX550, SRX650, SRX1400, SRX3400, SRX3600, SRX5400, SRX5600, SRX5800. Callouts: Integrated Routing, Switching and Security; Next-Generation Firewalls; Unprecedented Scale.]

SRX Series platforms run from the branch office models, suitable for managed service offerings, to campus platforms, and all the way to high-end modular systems capable of running at more than 300 Gbps for the most demanding data center deployments.

SRX Series Services Gateways for the branch are next-generation security firewalls that provide essential capabilities that connect, secure, and manage workforce locations sized from handfuls to hundreds of users. By consolidating fast, highly-available switching, routing, security, and next generation firewall capabilities in a single device, enterprises can protect their resources as well as economically deliver new services, safe connectivity, and a satisfying end-user experience.

Juniper Networks virtual SRX product, Firefly Perimeter, goes beyond traditional security appliances with a new virtual firewall that is delivered in a virtual machine (VM) form factor and based on Juniper’s Junos operating system (Junos OS) and the SRX Series Services Gateways.

The high-end SRX Series platforms have an industry leading architecture that sets them apart based on the following capabilities:

• Unprecedented scale to enable a multitude of services without having to pay a huge performance penalty; and
• A modular architecture which allows customers to buy the hardware that is needed today with the ability to scale into the future.

Slide 9

Architecture: Separate Data and Control Plane

[Figure: two designs under DoS and DDoS attacks. Separate control plane (management, routing, kernel) and data plane (packet forwarding modules, physical interfaces): attacks can be thwarted. Under attack, the administrator maintains management access to modify policy, disallow bad traffic, and process good traffic, so your network stays up. Shared plane (data, management, and routing together): attacks overwhelm the box. The administrator loses management access and your network is down.]

Juniper’s separate data and control plane architecture offers significant advantages. Consider the following:

• With competitors’ single plane design:
  • During attacks, there is no management access to address the situation; and
  • During attacks, processing of routing updates stops, and the network is down.
• With Juniper’s separate control and data plane design:
  • You maintain management access, even during DoS/DDoS attacks; and
  • Route update processing continues.

Separate data plane (packet forwarding) and control plane (management) architecture provides the following benefits:

• Scales performance;
• Enhances resiliency; and
• Enables redundancy.

Slide 10

Best In Class Security

The SRX Series offers the broadest security protection in the market, such as the following:

• The SRX Series enables complete application visibility and control;
• Integrates security for physical and virtual data centers;
• Provides strong UTM capabilities, leveraging intelligence from multiple security companies; and
• Is secure and resilient, even under demanding situations, utilizing a unique architectural design based on multiple processing cores and a separation of the data and control planes.

Slide 11

Maximum Performance and Scale

The SRX Series provides the following performance and scaling capabilities:

• The SRX Series delivers high-performance throughput, massive session volume, and flexible, large-scale connectivity;
  • High-throughput connectivity options match virtually any business requirement, including the industry’s first 100-Gigabit interface option;
  • Next-generation I/O card (NG-IOC) connectivity options include 100-Gigabit Ethernet, 40-Gigabit Ethernet, and high density 10-Gigabit Ethernet interfaces; and
  • The SRX Series delivers up to 300 Gbps of firewall throughput and scales to 100 million sessions, 450,000 connections per second, and 218 Gbps IPsec throughput.
• For business continuity, the SRX Series can enable additional security services without service interruptions;
  • Just activate security services licenses—with no special install or appliances.
• The SRX Series provides a pay-as-you-grow approach;
  • You can add additional cards as needed.

Slide 12

Carrier-Grade Reliability

The SRX Series builds on Juniper’s reputation of carrier-grade reliability with the following features:

• The SRX Series delivers uptime continuity with in-service hardware and software upgrades;
• Enables high availability with redundant components and links; and
• Provides carrier-class hardware for network resiliency.

Slide 13

Branch SRX Series Gateways: Next-generation Security Gateways

Hardware Platforms Scale from 1-Gigabit Ethernet to 10-Gigabit Ethernet

[Slide graphic: branch models positioned from Small Office through Small to Medium Office to Large Branch/Regional Office/Data Center.]

• SRX100: fixed configuration, 8 x FE, 1 GB DRAM
• SRX110: fixed configuration, VDSL2 WAN, 8 x FE, 1 GB DRAM
• SRX210: WAN slot, 2 x GigE, PoE, 1 GB DRAM
• SRX220: 2 WAN slots, 8 x GigE, PoE, 1 GB DRAM
• SRX240: 4 WAN slots, 16 x GigE, PoE, 1 GB DRAM
• SRX550: 2 mPIM + 6 GPIM WAN slots, 10 x GigE, PoE, dual PS, 2 GB DRAM
• SRX650: more LAN slots, dual P/S, hot swap I/O, 4 GB DRAM

SRX Series Services Gateways for the branch are next-generation security gateways that provide essential capabilities that connect, secure, and manage workforce locations sized from handfuls to hundreds of users. Here is a snapshot of the Juniper Networks SRX Series for the branch portfolio:

• The SRX100 is a fixed form factor device, ideal for small offices.
• The SRX110 provides a platform similar to the SRX100, but with integrated VDSL2, which is intended for environments where the primary WAN connectivity will be DSL.
• The SRX210 and SRX220 are ideal solutions for small to medium offices;
  • The SRX210 has one mini-PIM slot with two Gigabit Ethernet interfaces and six FE interfaces; and
  • The SRX220 has two mini-PIM slots and eight onboard Gigabit Ethernet interfaces.
• The SRX240 is ideal for medium offices with four built-in mini-PIM slots and 16 on-board Gigabit Ethernet interfaces;
• The SRX550 fills the price/performance gap between the SRX240 and SRX650 and is a flexible solution, ideal for mid to large branch offices; and
• The SRX650 is great for large branch and regional offices with more LAN slots and dual processors and power supplies for increased availability.

Slide 14

vSRX

[Slide graphic: groups of VMs secured behind vSRX instances.]

vSRX was introduced by Juniper in January of 2014. At a very high level, vSRX is a physical SRX Series device in VM format. You can think of it, for example, as taking an SRX550 or SRX240 from the SRX Series product line, stripping away the sheet metal, power cable, and all of the physical elements of the device, and then you have Firefly Perimeter. You get all the flexibility associated with running the product in a VM: put it in the cloud or put it in various different infrastructures to have the VMs use vSRX as their default gateway for all traffic that they process. Because it is in a VM, it is bound at about 5 Gbps firewall throughput. You get the flexibility of the VM format, you do not have to make any kernel changes, and there is no dependency on API integrations.

vSRX is for use cases where you need north-south filtering at about 5 Gbps of performance, and you also need connectivity features such as Network Address Translation (NAT), routing, and VPN. All of those pieces are inherent in Junos and all are available in the vSRX product. Think of this as the north-south and connectivity feature set in VM format.

Slide 15

SRX Series Services Gateways for the High End

SRX Series Services Gateways for the high end deliver tailored security for your critical assets. To meet the solution requirements, the SRX Series for the high end is a next-generation firewall that offers:

• Best-in-class security;
• Maximum performance and scale; and
• Carrier-grade availability.

Let’s explore each of these attributes in greater detail.

Slide 16

Areas of Deployment

Juniper Networks physical as well as virtual firewall platforms can be deployed in the following areas:

• Private Cloud (Enterprise data center/private cloud):
  • Traditional on-premises data centers; and
  • SRX Series hardware platforms, from the SRX100 to the SRX5800.
• Hybrid Cloud:
  • Enterprise network application and workload extension into the cloud vSRX or the new virtual MX Series (vMX) in the cloud in conjunction with an enterprise SRX Series hardware platform on-premises.
  • Bookend solution: Juniper-to-Juniper hybrid cloud deployment (Juniper end-to-end Layer 3 to Layer 7 deployment and control)
  • Cloud bursting (using SRX Series high-end platforms on-premises or any IPsec capable public cloud firewall)
  • Non-bookend solution: Juniper-to-other cloud termination (such as, AWS, EC2, or Google firewall offering, Layer 3 to Layer 7 deployment)
  • Virtual Customer Premises Equipment (vCPE) deployment such as vSRX or virtual provider edge router, (vPE)/vCPE, such as vMX
• Public Cloud:
  • Amazon, Google, Facebook, Microsoft vCPE/vPE cloud deployment (using vSRX or vMX)
  • Not reliant on any SRX device being on-premises in the enterprise

Slide 17

Section Summary

In this section, we:

• Provided an overview of Juniper’s SRX Series;
• Discussed Juniper’s control and data plane architecture; and
• Explored the features of the SRX Series physical and virtual platforms.

Slide 18

Learning Activity 1: Question 1

What are three benefits that Juniper’s separate control and data plane architecture provides? (Choose three.)

A. Management access is separated from packet forwarding
B. Packets can still be forwarded when an attack occurs
C. Route processing is automatically stopped when under attack
D. Resiliency is enhanced

Slide 18

Learning Activity 1: Question 2

How much firewall throughput does Firefly Perimeter currently provide?

A. 1 Gbps
B. 5 Gbps
C. 7 Gbps
D. 10 Gbps

Slide 19

Juniper Networks Data Center Design Best Practices

An Overview of IPS, the Junos OS, Junos Space Security Director, and Secure Analytics

To round out the data center security discussion, this section will provide an overview of Juniper IPS, the Junos OS, the Security Director application within Junos Space, and Secure Analytics.

Slide 20

Section Objectives

After successfully completing this section, you will be able to:

• Describe Juniper Networks intrusion prevention systems (IPS) features and capabilities;
• Describe the basic features of Junos OS; and
• Discuss Juniper’s tools that assist in the deployment, management, and troubleshooting of large network deployments.

Slide 21

IPS Capabilities

Juniper Networks IPS capabilities offer several unique features that assure the highest level of network security.

Stateful signature inspection provides the following:

• Minimizes false positives and offers flexible signature development; and
• Signatures are applied only to relevant portions of the network traffic as determined by the appropriate protocol context.

Protocol decodes offer the following:

• More than 65 protocol decodes are supported along with more than 500 contexts to enforce proper usage of protocols; and
• Accuracy of signatures is improved through precise contexts of protocols.

Signatures offer the following:

• There are more than 8,500 signatures for identifying anomalies, attacks, spyware, and applications; and
• Attacks are accurately identified and attempts to exploit known vulnerabilities are prevented.

Traffic normalization provides the following:

• Reassembly, normalization, and protocol decoding; and
• Overcomes attempts to bypass other IPS detections by using obfuscation methods.

Zero-day protection provides the following:

• Protocol anomaly detection and same-day coverage for newly found vulnerabilities; and
• Protects your network against any new exploits.

Recommended policy offers the following:

• A group of attack signatures are identified by the Juniper Networks Security Team as critical for the typical enterprise to protect against; and
• Installation and maintenance are simplified while ensuring the highest network security.

Active/active traffic monitoring provides the following:

• IPS monitoring on active/active SRX5000 line chassis clusters; and
• Support for active/active IPS monitoring including advanced features such as in-service software upgrade.

Packet capture provides the following:

• IPS policy supports packet capture logging per rule; and
• Conducts further analysis of surrounding traffic and determines further steps to protect the target.

Slide 22

The Junos OS

Junos OS is a reliable, high-performance network operating system for routing, switching, and security. It reduces the time necessary to deploy new services and decreases network operation costs. Junos OS offers secure programming interfaces and the Junos software development kit (Junos SDK) for developing applications that can unlock more value from the network.

Running Junos OS in a network improves the reliability, performance, and security of existing applications. It automates network operations on a streamlined system, allowing more time to focus on deploying new applications and services. Junos OS is scalable both up and down, providing a consistent, reliable, stable system for developers and operators. This, in turn, means a more cost-effective solution for your business.

Junos OS is architected with DevOps in mind. With versatile scripting support and integration with popular orchestration frameworks, Junos OS offers flexible options for continuous delivery and DevOps style management. The Junos Continuity features further enhance continuous delivery and efficient software re-qualification.

Slide 23

Junos OS Features

[Figure: Junos OS architecture. Labels: Control Plane, Data Plane, Open Management Interfaces, Management, Routing, Switching, Daemon X, Kernel, mKernel, HAL, Physical Interfaces.]

Junos OS offers the following features:

• One operating system reduces time and effort to plan, deploy, and operate network infrastructure;
• A steady release train provides stable delivery of new functionality;
• Modular software architecture provides highly available and scalable software that keeps up with changing needs;
• Meaningful configuration hierarchies together with annotations, commit check, commit, and rollback features exemplify ease of use and operational agility;
• Simple routing policy management supports fine-grained network traffic controls;
• Separate control and data planes increase reliability and security; and
• Designed for DevOps, Junos Continuity aids continuous delivery, zero downtime, and vastly reduced re-qualification times when introducing new line card or chassis upgrades.

Slide 24

Managing the Network and Security

Junos Space Security Director (firewall management and UTM, IPsec VPN management, NAT management, IPS signature management, AppFW):

• Control the device throughout its life cycle with a single, centralized dashboard
• Provides security scale, granular policy control, and policy breadth
• Quickly manage all phases of the security policy life cycle

Secure Analytics (Security Information and Event Management, Network Behavior Analysis and Application Visibility, Log Management):

• SIEM capabilities: efficiently manage business operations on networks from a single console
• Analyze and manage network data
• Log management
• Real-time threat management

Unlike solutions that require administrators to use multiple management tools to control a single device, Junos Space Security Director enables IT departments to control the device throughout its life cycle with a single, centralized dashboard. As an application on Junos Space Network Management Platform, Junos Space Security Director provides extensive security scale, granular policy control, and policy breadth across the network. It helps administrators quickly manage all phases of the security policy life cycle for stateful firewall, UTM, IPS, application firewall (AppFW), VPN, and NAT through a centralized web-based interface. Junos Space Security Director reduces management costs and errors with efficient security policy, workflow tools, and a powerful “app” and platform architecture.

Juniper Networks Secure Analytics provides Security Information and Event Management (SIEM) capabilities. By combining, analyzing, and managing an unparalleled set of surveillance data—network behavior, security events, vulnerability profiles, and threat information—it helps empower companies to efficiently manage business operations on their networks from a single console. It offers superior log management with distributed log collection and centralized viewing, threat management that delivers real-time surveillance and detection information, and compliance management capabilities—all viewed and managed from one console.

Juniper Networks Advanced Insight Solution (AIS) provides in-service diagnostic functionality with flexible automated monitoring and reporting. Third-party network management partners supporting the Juniper products provide additional management solutions for network, fault, performance, and change control. By selecting the appropriate management tool, network administrators can deploy, manage and troubleshoot large network deployments.

Slide 25

Section Summary

In this section, we:

• Described Juniper Networks IPS features and capabilities;
• Described the basic features of Junos OS; and
• Discussed Juniper’s tools that assist in the deployment, management, and troubleshooting of large network deployments.

Slide 26

Learning Activity 2: Question 1

Security Director is an application that runs on which Juniper product?

A. Firefly Perimeter
B. Secure Analytics
C. Junos Space
D. SRX Series

Slide 26

Learning Activity 2: Question 2

True or false: Secure Analytics offers log management, threat management, and compliance management, all in one product.

A. True

B. False

Course Summary

In this course, we:

• Provided an overview of Juniper’s SRX Series physical and virtual security products
• Explored Juniper’s IPS capabilities
• Described tools for network deployment, management, and troubleshooting

Additional Resources

• Education Services training classes: http://www.juniper.net/training/technical_education/
• Juniper Networks Certification Program Web site: www.juniper.net/certification
• Juniper Networks documentation and white papers: www.juniper.net/techpubs
• To submit errata or for general questions: [email protected]

For additional resources or to contact the Juniper Networks eLearning team, click the links on the screen.

Evaluation and Survey

You have reached the end of this Juniper Networks eLearning module. You should now return to your Juniper Learning Center to take the assessment and the student survey. After successfully completing the assessment, you will earn credits that will be recognized through certificates and non-monetary rewards. The survey will allow you to give feedback on the quality and usefulness of the course.

Copyright © 2015 Juniper Networks, Inc. All rights reserved. JUNIPER NETWORKS, the Juniper Networks logo, JUNOS, QFABRIC, NETSCREEN, and SCREENOS are registered trademarks of Juniper Networks, Inc. in the United States and other countries. All other trademarks, service marks, registered trademarks, or registered service marks are the property of their respective owners.

Corporate and Sales Headquarters
Juniper Networks, Inc.
1194 North Mathilda Avenue
Sunnyvale, CA 94089 USA
Phone: 888.JUNIPER (888.586.4737) or 408.745.2000
Fax: 408.745.2100
www.juniper.net

APAC Headquarters
Juniper Networks (Hong Kong)
26/F, Cityplaza One
1111 King’s Road
Taikoo Shing, Hong Kong
Phone: 852.2332.3636
Fax: 852.2574.7803

EMEA Headquarters
Juniper Networks Ireland
Airside Business Park
Swords, County Dublin, Ireland
Phone: 35.31.8903.600
EMEA Sales: 00800.4586.4737
Fax: 35.31.8903.601

Copyright 2010 Juniper Networks, Inc. All rights reserved. Juniper Networks, the Juniper Networks logo, Junos, NetScreen, and ScreenOS are registered trademarks of Juniper Networks, Inc. in the United States and other countries. All other trademarks, service marks, registered marks, or registered service marks are the property of their respective owners. Juniper Networks assumes no responsibility for any inaccuracies in this document. Juniper Networks reserves the right to change, modify, transfer, or otherwise revise this publication without notice.
