دوره های امنیت جونیپر ( آموزش جونیپر )
این دوره ( آموزش جونیپر ) دانشجویان با مفاهیم اولیه سیستم عامل junos آشنا میسازد و همچنین پیکر بندی دستگاه های junos و مفاهیم مسیریابی که نمونه های پیکربندی را شامل می شود و شامل یک نظر کلی درباره مفاهیم مسیریابی عمومی, سیاست های مسیریابی و فیلترهای فایروال و پوشاندن این سازمان دهی ها,عملکردها و پیاده سازی درگاه های سرویس های سری SRX در یک محیط معمولی شبکه می باشد.
این دوره ( آموزش جونیپر ) همچنین شامل پوشش دقیق Web filtering , Antivirus , Anti spam و محتوای فیلترها می باشد ,همچنین این دوره ( آموزش جونیپر ) شامل مفاهیمی در زمینه امنیت مانند مفاهیم اولیه سیستم جلوگیری از نفوذ (ips) که بر روی تجهیزات جونیپر موجود است می شود.
دوره های آموزشی امنیت جونیپر ( آموزش جونیپر ) به چهار بخش تقسیم میشوند که شامل :
دوره JNCIA که شامل مفاهیم اولیه و مورد نیاز در شبکه میباشد.
- 5 ساعت مخصوص به تدریس مفاهیم پایه شبکه
- 8 ساعت مربوط به مفاهیم پایه و مورد نیاز سیستم عامل JunOS
- 8 ساعت تدریس مفاهیم اولیه و پایه Routing
این دوره معادل دوره CCNA در دوره های Cisco میباشد
سرفصل های دوره JNCIA
JNCIA-Junos | ||
JRE(8H) | IJOS(8H) | Networking Fundamentals(5H) |
Chapter 1: Course Introduction | Chapter 1: Course Introduction | What is a network? |
Chapter 2: Routing Fundamentals | Chapter 2: Junos Operating System Fundamentals | · Network models |
· Routing Concepts: Overview of Routing | · The Junos OS | · How data flows from one computer to another |
· Routing Concepts: The Routing Table | · Traffic Processing | · Network addressing |
· Routing Concepts: Routing Instances | · Platforms Running the Junos OS | Ethernet LANs |
· Static Routing | Chapter 3: User Interface Options | · How Ethernet networks operate |
· Dynamic Routing | · User Interface Options | · Early Ethernet network devices, including hubs and bridges |
· Lab 1: Routing Fundamentals | · The Junos CLI: CLI Basics | · Today’s Ethernet network devices, including switches and Virtual LANs (VLANs) |
Chapter 3: Routing Policy | · The Junos CLI: Operational Mode | · Wireless LANs |
· Routing Policy Overview | · The Junos CLI: Configuration Mode | Routing basics |
· Case Study: Routing Policy | · Lab 1: The Junos CLI | · Layer 2 and 3 addressing |
· Lab 2: Routing Policy | Chapter 4: Initial Configuration | · Interconnecting different broadcast domains using routers |
Chapter 4: Firewall Filters | · Factory-Default Configuration | · Address resolution |
· Firewall Filters Overview | · Initial Configuration | · How data is sent from one broadcast domain or network to another |
· Case Study: Firewall Filters | · Interface Configuration | IP addressing |
· Unicast Reverse-Path-Forwarding Checks | · Lab 2: Initial System Configuration | · Internet Protocol (IP) |
· Lab 3: Firewall Filters | Chapter 5: Secondary System Configuration | · IP addressing |
· User Configuration and Authentication | · Network masks | |
· System Logging and Tracing | · Working with binary numbers | |
· Network Time Protocol | · Subnetting | |
· Archiving Configurations | · Routing data through a network using longest match routing | |
· SNMP | · IPv6 Addressing | |
· Lab 3: Secondary System Configuration | WAN technologies | |
Chapter 6: Operational Monitoring and Maintenance | · Point-to-Point Protocol (PPP) | |
· Monitoring Platform and Interface Operation | · Frame Relay and Asynchronous Transfer Mode(ATM) | |
· Network Utilities | · Multiprotocol Label Switching (MPLS) | |
· Maintaining the Junos OS | · Carrier Ethernet | |
· Password Recovery | Transport Layer protocols | |
· Lab 4: Operational Monitoring and Maintenance | · User Datagram Protocol (UDP) | |
· Transmission Control Protocol (TCP) |
دوره JNCIS که شامل مفاهیم مربوط به مفاهیم امنیت در شبکه و همچنین مفاهیم UTM در شبکه میباشد. ( آموزش جونیپر )
- 24 ساعت مفاهیم اولیه و پایه مربوط به امنیت شامل VPN , NAT , Security Policies و …
- 8 ساعت مفاهیم مربوط به UTM ها
سرفصل های دوره JNCIS
JSEC(24H) | JUTM(8H) |
Chapter 1: Course Introduction | Chapter 1: Course Introduction |
Chapter 2: Introduction to Junos Security | Chapter 2: UTM Overview |
· Traditional Routing | · Branch Office Challenges |
· Traditional Security | · UTM Feature Overview |
· The Junos OS Architecture | · Design Basics |
Chapter 3: Zones | · Hardware Support |
· The Definition of Zones | · Licensing of Features |
· Zone Configuration | · Lab 1: Connecting to the Lab Equipment and Testing Connectivity |
· Monitoring Security Zones | Chapter 3: Antispam |
· Lab 1: Configuring and Monitoring Zones | · Antispam Terminology |
Chapter 4: Security Policies | · Overview of Antispam Process |
· Security Policy Overview | · UTM Policy Overview |
· Junos ALGs | · Configuration Steps |
· Policy Components | · Monitoring Antispam |
· Verifying Policy Operation | · Lab 2: Configuring an Antispam Policy |
· Policy Scheduling and Rematching | Chapter 4: Full File-Based and Express Antivirus |
· Policy Case Study | · Antivirus Terminology |
· Lab 2: Security Policies | · Overview of Antivirus Process |
Chapter 5: Firewall User Authentication | · AV Operation |
· Firewall User Authentication Overview | · Full File-based AV Configuration |
· Pass-Through Authentication | · Express AV Configuration |
· Web Authentication | · Monitoring AV |
· Client Groups | · Lab 3: Antivirus Configuration and Testing |
· Using External Authentication Servers | Chapter 5: Content and Web Filtering |
· Verifying Firewall User Authentication | · Overview and Terminology |
· Lab 3: Configuring Firewall Authentication | · Configuration |
Chapter 6: Screen Options | · Verification and Monitoring |
· Multilayer Network Protection | · Lab 4: Configuring Content and Web Filtering |
· Stages and Types of Attacks | |
· Using Junos Screen Options—Reconnaissance Attack Handling | |
· Using Junos Screen Options—Denial of Service Attack Handling | |
· Using Junos Screen Options—Suspicious Packets Attack Handling | |
· Applying and Monitoring Screen Options | |
· Lab 4: Implementing Screen Options | |
Chapter 7: Network Address Translation | |
· NAT Overview | |
· Source NAT Operation and Configuration | |
· Destination NAT Operation and Configuration | |
· Static NAT Operation and Configuration | |
· Proxy ARP | |
· Monitoring and Verifying NAT Operation | |
· Lab 5: Network Address Translation | |
Chapter 8: IPsec VPNs | |
· VPN Types | |
· Secure VPN Requirements | |
· IPsec Details | |
· Configuration of IPsec VPNs | |
· IPsec VPN Monitoring | |
· Lab 6: Implementing IPsec VPNs | |
Chapter 9: Introduction to Intrusion Detection and Prevention | |
· Introduction to Junos IDP | |
· IDP Policy Components and Configuration | |
· Signature Database | |
· Case Study: Applying the Recommended IDP Policy | |
· Monitoring IDP Operation | |
· Lab 7: Implementing IDP | |
Chapter 10: High Availability Clustering Theory | |
· High Availability Overview | |
· Chassis Cluster Components | |
· Advanced Chassis Cluster Topics | |
Chapter 11: High Availability Clustering Implementation | |
· Chassis Cluster Operation | |
· Chassis Cluster Configuration | |
· Chassis Cluster Monitoring | |
· Lab 8: Implementing High Availability Techniques |
دوره JNCIP که شامل مفاهیم پیشرفته و advance در امنیت و همچنین سیستم IPS میشود.
- 24 ساعت مفاهیم پیشرفته شبکه شامل مجازی سازی , Advance IPsec , Advance NAT و …
- 16 ساعت مفاهیم مربوط به سیستم IPS یا جلوگیری از نفوذ
سرفصل های دوره JNCIP
JNCIP-SEC | |
AJSEC(24H) | JIPS(16H) |
Chapter 1: Course Introduction | Chapter 1: Course Introduction |
Chapter 2: AppSecure | Chapter 2: Introduction to Intrusion Prevention Systems |
· AppSecure Overview | · Network Asset Protection |
· AppID | · Intrusion Attack Methods |
· AppTrack | · Intrusion Prevention Systems |
· AppFW | · IPS Traffic Inspection Walkthrough |
· AppDoS | Chapter 3: IPS Policy and Initial Configuration |
· AppQoS | · SRX IPS Requirements |
· Lab 1: Implementing AppSecure | · IPS Operation Modes |
Chapter 3: Junos Layer 2 Packet Handling and Security Features | · Basic IPS Policy Review |
· Transparent Mode Security | · Basic IPS Policy Lab |
· Layer 2 Ethernet Switching | Chapter 4: IPS Rulebase Operations |
· Lab 2: Implementing Layer 2 Security | · Rulebase Operations |
Chapter 4: Virtualization | · IPS Rules |
· Virtualization Overview | · Terminal Rules |
· Routing Instances | · IP Actions |
· Logical Systems | · Configuring IPS Rulebases Lab |
· Lab 3: Implementing Junos Virtual Routing | Chapter 5: Custom Attack Objects |
Chapter 5: Advanced NAT Concepts | · Predefined Attack Objects |
· Operational Review | · Custom Attack Objects |
· NAT: Beyond Layer 3 and Layer 4 Headers | · Fine-Tuning the IPS Policy |
· DNS Doctoring | · Custom Signatures Lab |
· IPv6 NAT | Chapter 6: Additional Attack Protection Mechanisms |
· Advanced NAT Scenarios | · Scan Prevention |
· Lab 4: Advanced NAT Implementations | · Blocking Evasion and DoS Attacks |
Chapter 6: IPsec Implementations | · Security Flow Protection Mechanisms |
· Standard VPN Implementations Review | · Security Flow Protection Mechanisms Lab |
· Public Key Infrastructure | Chapter 7: IPS Logging and Reporting |
· Hub-and-Spoke VPNs | · Junos Syslog and Operational Commands |
· Lab 5: Hub-and-Spoke IPsec VPNs | · STRM IPS Logging |
Chapter 7: Enterprise IPsec Technologies: Group and Dynamic VPNs | · IPS Logging Lab |
· Group VPN Overview | |
· GDOI Protocol | |
· Group VPN Configuration and Monitoring | |
· Dynamic VPN Overview | |
· Dynamic VPN Implementation | |
· Lab 6: Configuring Group VPNs | |
Chapter 8: IPsec VPN Case Studies and Solutions | |
· Routing over VPNs | |
· IPsec with Overlapping Addresses | |
· Dynamic Gateway IP Addresses | |
· Enterprise VPN Deployment Tips and Tricks | |
· Lab 7: Implementing Advanced IPsec VPN Solutions | |
Chapter 9: Troubleshooting Junos Security | |
· Troubleshooting Methodology | |
· Troubleshooting Tools | |
· Identifying IPsec Issues | |
· Lab 8: Performing Security Troubleshooting Techniques |