HBFITES Data Center, Collaboration, Security, Storage, Wireless, Telepresence Training +91-9886770046 info@hbfites.com

Juniper AJEST: Advanced Junos Enterprise Security Troubleshooting

Course Details

This course is designed to provide students with information about troubleshooting SRX Series hardware, Junos software, and more obscure problems like packet loss and latency, IPsec, security zones and policies, other security features, and chassis clustering. Students will gain experience in monitoring and troubleshooting these topics through demonstration as well as hands-on labs. The course exposes students to common troubleshooting commands and tools used to troubleshoot various intermediate to advanced issues.

This course uses Juniper Networks SRX Series Services Gateways for the hands-on component, but the lab environment does not preclude the course from being applicable to other Juniper hardware platforms running the Junos OS. This course is based on Junos OS Release 12.1R5.5.

Course Prerequisites

 The following are the prerequisites for this course:

  • Junos Troubleshooting in the NOC (JTNOC);
  • Advanced Junos Security (AJSEC);
  • Junos Intrusion Prevention Systems (JIPS): and
  • Junos Unified Threat Management (JUTM)

Course Goals

 After successfully completing this course, you should be able to:

  • Ask the right questions when troubleshooting an issue.
  • Identify general outputs and the type of information found in outputs.
  • Simplify a complex network and recreate an issue in the lab environment.
  • Describe packet loss in a network.
  • List the general chassis components.
  • Identify different methods for troubleshooting major chassis components.
  • Troubleshoot redundant Routing Engine and Control Board communication.
  • Isolate problems with interfaces.
  • Troubleshoot IPv4 interfaces.
  • Identify an issue with software and the process of events to recreate the issue.
  • Define a problem report (PR) and identify relevant information contained in a PR.
  • Find relevant topics within the Juniper Networks Knowledge Base.
  • Troubleshoot security zones.
  • Troubleshoot security policies.
  • Troubleshoot IPsec virtual private network (VPN) problems.
  • Troubleshoot Internet Key Exchange (IKE) phase 1 issues.
  • Troubleshoot IKE phase 2 issues.
  • Verify and troubleshoot AppSecure.
  • Monitor and troubleshoot intrusion prevention system (IPS).
  • Verify and troubleshoot UTM.
  • Verify, monitor, and troubleshoot chassis clustering issues.
  • Troubleshoot different chassis clustering modes.

Course Agenda

Day 1

Chapter 1: Course Introduction

Chapter 2: Advanced Troubleshooting Methodology

  • The Troubleshooting Process
  • Gathering Relevant Details
  • Recreating in a Lab Environment
  • Root Cause Analysis
  • Troubleshooting Packet Loss
  • Troubleshooting Latency
  • Troubleshooting Packet Loss Lab

Chapter 3: Hardware and Interface Troubleshooting

  • General Chassis Components
  • Redundancy
  • Hardware Case Study
  • Interface Overview
  • General Interfaces
  • Layer 3
  • Interface Case Study
  • Troubleshooting Interfaces Lab

Chapter 4: Troubleshooting Software

  • Identifying the Problem
  • PR Searches
  • KB Searches
  • Identifying Workarounds and Permanent Fixes
  • Case Studies

Chapter 5: Troubleshooting Security Zones and Policies

  • Security Zones
  • Security Policies
  • Case Studies
  • Troubleshooting Security Zones and Policies Lab

Chapter 6: Troubleshooting IPsec

  • IPsec Overview
  • IKE Phase 1
  • IKE Phase 2
  • Case Studies
  • Troubleshooting IPsec Lab

Chapter 7: Troubleshooting Security Features

  • AppSecure
  • IPS
  • UTM
  • Troubleshooting Security Features Lab

Chapter 8: Troubleshooting Chassis Clusters

  • High Availability Overview
  • High Availability Operation
  • Case Studies
  • Troubleshooting Chassis Clustering Lab