دوره های امنیت جونیپر ( آموزش جونیپر )
این دوره ( آموزش جونیپر ) دانشجویان با مفاهیم اولیه سیستم عامل junos آشنا میسازد و همچنین پیکر بندی دستگاه های junos و مفاهیم مسیریابی که نمونه های پیکربندی را شامل می شود و شامل یک نظر کلی درباره مفاهیم مسیریابی عمومی, سیاست های مسیریابی و فیلترهای فایروال و پوشاندن این سازمان دهی ها,عملکردها و پیاده سازی درگاه های سرویس های سری SRX در یک محیط معمولی شبکه می باشد.
این دوره ( آموزش جونیپر ) همچنین شامل پوشش دقیق Web filtering , Antivirus , Anti spam و محتوای فیلترها می باشد ,همچنین این دوره ( آموزش جونیپر ) شامل مفاهیمی در زمینه امنیت مانند مفاهیم اولیه سیستم جلوگیری از نفوذ (ips) که بر روی تجهیزات جونیپر موجود است می شود.
دوره های آموزشی امنیت جونیپر ( آموزش جونیپر ) به چهار بخش تقسیم میشوند که شامل :
دوره JNCIA که شامل مفاهیم اولیه و مورد نیاز در شبکه میباشد.
- 5 ساعت مخصوص به تدریس مفاهیم پایه شبکه
- 8 ساعت مربوط به مفاهیم پایه و مورد نیاز سیستم عامل JunOS
- 8 ساعت تدریس مفاهیم اولیه و پایه Routing
این دوره معادل دوره CCNA در دوره های Cisco میباشد
سرفصل های دوره JNCIA
| JNCIA-Junos | ||
| JRE(8H) | IJOS(8H) | Networking Fundamentals(5H) |
| Chapter 1: Course Introduction | Chapter 1: Course Introduction | What is a network? |
| Chapter 2: Routing Fundamentals | Chapter 2: Junos Operating System Fundamentals | · Network models |
| · Routing Concepts: Overview of Routing | · The Junos OS | · How data flows from one computer to another |
| · Routing Concepts: The Routing Table | · Traffic Processing | · Network addressing |
| · Routing Concepts: Routing Instances | · Platforms Running the Junos OS | Ethernet LANs |
| · Static Routing | Chapter 3: User Interface Options | · How Ethernet networks operate |
| · Dynamic Routing | · User Interface Options | · Early Ethernet network devices, including hubs and bridges |
| · Lab 1: Routing Fundamentals | · The Junos CLI: CLI Basics | · Today’s Ethernet network devices, including switches and Virtual LANs (VLANs) |
| Chapter 3: Routing Policy | · The Junos CLI: Operational Mode | · Wireless LANs |
| · Routing Policy Overview | · The Junos CLI: Configuration Mode | Routing basics |
| · Case Study: Routing Policy | · Lab 1: The Junos CLI | · Layer 2 and 3 addressing |
| · Lab 2: Routing Policy | Chapter 4: Initial Configuration | · Interconnecting different broadcast domains using routers |
| Chapter 4: Firewall Filters | · Factory-Default Configuration | · Address resolution |
| · Firewall Filters Overview | · Initial Configuration | · How data is sent from one broadcast domain or network to another |
| · Case Study: Firewall Filters | · Interface Configuration | IP addressing |
| · Unicast Reverse-Path-Forwarding Checks | · Lab 2: Initial System Configuration | · Internet Protocol (IP) |
| · Lab 3: Firewall Filters | Chapter 5: Secondary System Configuration | · IP addressing |
| · User Configuration and Authentication | · Network masks | |
| · System Logging and Tracing | · Working with binary numbers | |
| · Network Time Protocol | · Subnetting | |
| · Archiving Configurations | · Routing data through a network using longest match routing | |
| · SNMP | · IPv6 Addressing | |
| · Lab 3: Secondary System Configuration | WAN technologies | |
| Chapter 6: Operational Monitoring and Maintenance | · Point-to-Point Protocol (PPP) | |
| · Monitoring Platform and Interface Operation | · Frame Relay and Asynchronous Transfer Mode(ATM) | |
| · Network Utilities | · Multiprotocol Label Switching (MPLS) | |
| · Maintaining the Junos OS | · Carrier Ethernet | |
| · Password Recovery | Transport Layer protocols | |
| · Lab 4: Operational Monitoring and Maintenance | · User Datagram Protocol (UDP) | |
| · Transmission Control Protocol (TCP) | ||
دوره JNCIS که شامل مفاهیم مربوط به مفاهیم امنیت در شبکه و همچنین مفاهیم UTM در شبکه میباشد. ( آموزش جونیپر )
- 24 ساعت مفاهیم اولیه و پایه مربوط به امنیت شامل VPN , NAT , Security Policies و …
- 8 ساعت مفاهیم مربوط به UTM ها
سرفصل های دوره JNCIS
| JSEC(24H) | JUTM(8H) |
| Chapter 1: Course Introduction | Chapter 1: Course Introduction |
| Chapter 2: Introduction to Junos Security | Chapter 2: UTM Overview |
| · Traditional Routing | · Branch Office Challenges |
| · Traditional Security | · UTM Feature Overview |
| · The Junos OS Architecture | · Design Basics |
| Chapter 3: Zones | · Hardware Support |
| · The Definition of Zones | · Licensing of Features |
| · Zone Configuration | · Lab 1: Connecting to the Lab Equipment and Testing Connectivity |
| · Monitoring Security Zones | Chapter 3: Antispam |
| · Lab 1: Configuring and Monitoring Zones | · Antispam Terminology |
| Chapter 4: Security Policies | · Overview of Antispam Process |
| · Security Policy Overview | · UTM Policy Overview |
| · Junos ALGs | · Configuration Steps |
| · Policy Components | · Monitoring Antispam |
| · Verifying Policy Operation | · Lab 2: Configuring an Antispam Policy |
| · Policy Scheduling and Rematching | Chapter 4: Full File-Based and Express Antivirus |
| · Policy Case Study | · Antivirus Terminology |
| · Lab 2: Security Policies | · Overview of Antivirus Process |
| Chapter 5: Firewall User Authentication | · AV Operation |
| · Firewall User Authentication Overview | · Full File-based AV Configuration |
| · Pass-Through Authentication | · Express AV Configuration |
| · Web Authentication | · Monitoring AV |
| · Client Groups | · Lab 3: Antivirus Configuration and Testing |
| · Using External Authentication Servers | Chapter 5: Content and Web Filtering |
| · Verifying Firewall User Authentication | · Overview and Terminology |
| · Lab 3: Configuring Firewall Authentication | · Configuration |
| Chapter 6: Screen Options | · Verification and Monitoring |
| · Multilayer Network Protection | · Lab 4: Configuring Content and Web Filtering |
| · Stages and Types of Attacks | |
| · Using Junos Screen Options—Reconnaissance Attack Handling | |
| · Using Junos Screen Options—Denial of Service Attack Handling | |
| · Using Junos Screen Options—Suspicious Packets Attack Handling | |
| · Applying and Monitoring Screen Options | |
| · Lab 4: Implementing Screen Options | |
| Chapter 7: Network Address Translation | |
| · NAT Overview | |
| · Source NAT Operation and Configuration | |
| · Destination NAT Operation and Configuration | |
| · Static NAT Operation and Configuration | |
| · Proxy ARP | |
| · Monitoring and Verifying NAT Operation | |
| · Lab 5: Network Address Translation | |
| Chapter 8: IPsec VPNs | |
| · VPN Types | |
| · Secure VPN Requirements | |
| · IPsec Details | |
| · Configuration of IPsec VPNs | |
| · IPsec VPN Monitoring | |
| · Lab 6: Implementing IPsec VPNs | |
| Chapter 9: Introduction to Intrusion Detection and Prevention | |
| · Introduction to Junos IDP | |
| · IDP Policy Components and Configuration | |
| · Signature Database | |
| · Case Study: Applying the Recommended IDP Policy | |
| · Monitoring IDP Operation | |
| · Lab 7: Implementing IDP | |
| Chapter 10: High Availability Clustering Theory | |
| · High Availability Overview | |
| · Chassis Cluster Components | |
| · Advanced Chassis Cluster Topics | |
| Chapter 11: High Availability Clustering Implementation | |
| · Chassis Cluster Operation | |
| · Chassis Cluster Configuration | |
| · Chassis Cluster Monitoring | |
| · Lab 8: Implementing High Availability Techniques |
دوره JNCIP که شامل مفاهیم پیشرفته و advance در امنیت و همچنین سیستم IPS میشود.
- 24 ساعت مفاهیم پیشرفته شبکه شامل مجازی سازی , Advance IPsec , Advance NAT و …
- 16 ساعت مفاهیم مربوط به سیستم IPS یا جلوگیری از نفوذ
سرفصل های دوره JNCIP
| JNCIP-SEC | |
| AJSEC(24H) | JIPS(16H) |
| Chapter 1: Course Introduction | Chapter 1: Course Introduction |
| Chapter 2: AppSecure | Chapter 2: Introduction to Intrusion Prevention Systems |
| · AppSecure Overview | · Network Asset Protection |
| · AppID | · Intrusion Attack Methods |
| · AppTrack | · Intrusion Prevention Systems |
| · AppFW | · IPS Traffic Inspection Walkthrough |
| · AppDoS | Chapter 3: IPS Policy and Initial Configuration |
| · AppQoS | · SRX IPS Requirements |
| · Lab 1: Implementing AppSecure | · IPS Operation Modes |
| Chapter 3: Junos Layer 2 Packet Handling and Security Features | · Basic IPS Policy Review |
| · Transparent Mode Security | · Basic IPS Policy Lab |
| · Layer 2 Ethernet Switching | Chapter 4: IPS Rulebase Operations |
| · Lab 2: Implementing Layer 2 Security | · Rulebase Operations |
| Chapter 4: Virtualization | · IPS Rules |
| · Virtualization Overview | · Terminal Rules |
| · Routing Instances | · IP Actions |
| · Logical Systems | · Configuring IPS Rulebases Lab |
| · Lab 3: Implementing Junos Virtual Routing | Chapter 5: Custom Attack Objects |
| Chapter 5: Advanced NAT Concepts | · Predefined Attack Objects |
| · Operational Review | · Custom Attack Objects |
| · NAT: Beyond Layer 3 and Layer 4 Headers | · Fine-Tuning the IPS Policy |
| · DNS Doctoring | · Custom Signatures Lab |
| · IPv6 NAT | Chapter 6: Additional Attack Protection Mechanisms |
| · Advanced NAT Scenarios | · Scan Prevention |
| · Lab 4: Advanced NAT Implementations | · Blocking Evasion and DoS Attacks |
| Chapter 6: IPsec Implementations | · Security Flow Protection Mechanisms |
| · Standard VPN Implementations Review | · Security Flow Protection Mechanisms Lab |
| · Public Key Infrastructure | Chapter 7: IPS Logging and Reporting |
| · Hub-and-Spoke VPNs | · Junos Syslog and Operational Commands |
| · Lab 5: Hub-and-Spoke IPsec VPNs | · STRM IPS Logging |
| Chapter 7: Enterprise IPsec Technologies: Group and Dynamic VPNs | · IPS Logging Lab |
| · Group VPN Overview | |
| · GDOI Protocol | |
| · Group VPN Configuration and Monitoring | |
| · Dynamic VPN Overview | |
| · Dynamic VPN Implementation | |
| · Lab 6: Configuring Group VPNs | |
| Chapter 8: IPsec VPN Case Studies and Solutions | |
| · Routing over VPNs | |
| · IPsec with Overlapping Addresses | |
| · Dynamic Gateway IP Addresses | |
| · Enterprise VPN Deployment Tips and Tricks | |
| · Lab 7: Implementing Advanced IPsec VPN Solutions | |
| Chapter 9: Troubleshooting Junos Security | |
| · Troubleshooting Methodology | |
| · Troubleshooting Tools | |
| · Identifying IPsec Issues | |
| · Lab 8: Performing Security Troubleshooting Techniques |