| RMHA – Risk Management and High Availability with Juniper Firewalls |
 |
Live Online Price: $1,995.00
SKU: VPND-O-RMHA
Time: 3 Days |
For classes of more than 6 students call 866-367-8761 ext 206. |
 |
| Day 1 |
| Chapter 1: Risk Management and Security Concepts |
- Security is not just for the perimeter; it can include transparent mode
- Segmenting your LAN for logging and security, VLAN
- Managing your security with NSM
|
|
Chapter 2: Basic building blocks |
- Netscreen packet flow and sessions
- Interfaces
o Physical
o Subinterface (vlan)
o Secondary Interface
o Loopback interface
o Tunnel interface
- Zones
- Address Book objects
- Address Groups
- Service Objects
- Service Groups
- Virtual Routers
- Virtual systems
- Routing in single Virtual Router
- Routing in Multiple Virtual Routers
- Dynamic Routing Protocols and firewalls (OSPF, BGP, RIP)
|
|
Chapter 3: Initial Configuration |
- Setting up the firewall (CLI, WebUI)
- Restricting management access (SSH2, HTTPS, Permitted IP, interface property)
- What is the point of using a management IP (in A/A, A/P)?
- Backup ScreenOS/Configuration, device reset
- Layer 2 configuration
- Layer 3 configuration
|
|
Day 2 |
|
Chapter 4: Security policy & Network address translation |
- Concept of Intra-Zone traffic and Inter-Zone Traffic
o How to properly design the network?
- Ordering rules (move to building block)
- Commenting and cleaning rules
- What are global Rules?
- What are clean up rules?
- NAT (NAT-SRC, NAT-DST, MIP, VIP)
- Application of NAT (best practices)
- Traffic shaping
|
|
Chapter 5: Site to site VPN |
- What is a VPN (Encryption concepts, hash, key exchange, certificates)
- VPN hub and spoke, mesh, tunneled
- VPN interoperability with other vendors (Check Point, Cisco, Nortel)
- Best practices while building VPNs
- Policy Based VPN
- Route based VPN
- When should you use route-based vs. policy-based VPN? From an availability standpoint and a security policy point of view
- Problem with pre-shared keys
- Moving up to certificates
|
|
Chapter 6: Logging and reporting |
- Alerts
- Alarms
- Syslog
- Log maintenance
|
|
Day 3 |
|
Chapter 7: Troubleshooting and verifying firewall configurations |
- Use debug and read debug output
- Routing and network address translation
- Snoop -> perl -> wireshark
- Event Logs
|
|
Chapter 8: Risk mitigation using High Availability |
- Active/Passive
- Active/Active
|
|
Chapter 9: Centralized management using Netscreen Security Manager |
- Understand industry standard best practices around network security
- Configure and audit firewall security policies
- Configure Network address translation and Virtual Private Networks
- In-depth troubleshooting, debugging and verification of Juniper firewall/VPN configurations
- Implement logging and reporting of Juniper firewalls/VPNs
- Implement Juniper firewall High availability using NSRP
- Implement Netscreen Security manager for centralized security management
|