- Duration: 4 days
This four-day course is designed to provide students with the knowledge required to implement Juniper Networks vSRX in the AWS and Azure environments. Students will gain in-depth knowledge about how to launch and configure the vSRX using different cloud designs. Through demonstrations and hands-on labs, students will gain experience deploying the vSRX in multiple configurations to secure cloud resources. This course uses various releases of the vSRX from Junos OS version 15.1X49-D100 through Junos OS version 19.1R1, as well as Space, Security Director, and Policy Enforcer releases 19.1R1.
Objectives
After successfully completing this course, you should be able to:
• Describe major cloud concepts.
• Describe how virtualization is used in the cloud.
• Describe various security designs used in the cloud.
• Describe the AWS architecture and explain how each tier will be used.
• Access the AWS management console.
• Create an AWS user account.
• Launch an Amazon service.
• Navigate the AWS Marketplace to find Juniper offerings.
• Describe the operation of the vSRX in AWS.
• Launch a vSRX device in AWS.
• Configure the vSRX to pass traffic.
• Describe CloudFormation features.
• Describe the CloudFormation template format.
• Describe the basics of JSON and YAML.
• Use a CloudFormation template.
• Describe Azure cloud services.
• Describe the Azure cloud architecture.
• Navigate the Azure portal.
• Control access to Azure.
• List the steps to follow to launch an Azure service.
• Navigate the Azure Marketplace to find Juniper products.
• List the vSRX offerings in Azure.
• Describe the pre-launch considerations for the vSRX in Azure.
• List the steps required to launch the “vSRX Next Generation Firewall” in Azure
. • List the steps required to launch the “vSRX A Security Gateway” in Azure.
• Describe the configuration needed for the vSRX to work in Azure.
• Describe the Azure Resource Manager Features.
• Describe the Azure Resource Manager Template Format
. • Deploy an Azure Resource Manager Template
. • List the various ways to connect to and between cloud resources.
• Describe the Transit VPC’s purpose and operation.
• Describe various Transit VPC designs.
• Create a Transit VPC in AWS.
• Configure Spoke VPCs to connect to a Transit VPC.
• Describe secure connection operations.
• Describe the configuration requirements to establish an IPsec tunnel between an Enterprise/DC SRX and the AWS cloud.
• Describe the configuration requirements to establish an IPsec tunnel between an Enterprise/DC SRX and a vSRX in the AWS cloud.
• Describe the configuration requirements to establish an IPsec tunnel between cloud networks using the vSRX.
• List the advanced vSRX security features that can be used to protect cloud resources.
• Describe the components needed to implement Juniper Networks Connected Security in the cloud.
• Configure AWS cloud components needed to support Juniper Networks Connected Security in the cloud.
• Configure Space with Security Director and Policy enforcer to implement Juniper Networks Connected Security to protect AWS cloud resources.
• Describe the benefits provided by CEM.
• Describe the use cases of CEM.Course Contents
Day 1
Chapter 1: Course Introduction
Chapter 2: Cloud Overview
• Cloud Concepts
• Cloud Virtualization
• Cloud Security
Chapter 3: Introduction to AWS
• Amazon Web Services Overview
• Amazon Management Console
• Create and Identity and Management Account
• Launch and Access and EC2 Server
• Amazon Marketplace
• Lab 1: Introduction to AWS
Chapter 4: Implementing the vSRX in AWS
• Understand the operation of the vSRX in AWS
• Launch a vSRX device in AWS
• Configure the vSRX to Pass Traffic
• Lab 2: Implementing the vSRX in AWS
Day 2
Chapter 5: Automation in AWS using CloudFormation
• CloudFormation Overview
• Understanding CloudFormation Templates
• JSON and YAML Overview
• Create a CloudFormation Stack
• Lab3: Automation in AWS using CloudFormation
Chapter 6: Introduction to Azure
• Azure Overview
• Azure Architecture
• Azure Portal
• Control Access to Azure
• Launch and Access a Windows Server
• Azure Marketplace
• Lab4: Introduction to Azure
Chapter 7: Implementing the vSRX in Azure
• The vSRX in Azure
• Pre-Launch Planning
• Launching the “vSRX Next Generation Firewall” in Azure
• Launching the “vSRX A Security Device” in Azure
• Configuring the vSRX for Azure
• Lab 5: Implementing the vSRX in Azure
Day 3
Chapter 8: Automation in Azure using ARM
• Azure Resource Manager Overview
• Understanding ARM Templates
• Creating ARM Templates
• Deploy an ARM Template
• Lab 6: Automation in Azure using ARM
Chapter 9: Cloud Connectivity
• Connectivity Options
• Secure Connections
• DC SRX to AWS Virtual Private Gateway
• DC SRX to vSRX in AWS
• VPC Peering using the vSRX
• Lab 7: Cloud Connectivity
Chapter 10: Advanced Security in the Cloud
• Advanced Security Options Overview
• Configure the network for SDSN
• Connecting to AWS
• Configure Metadata-Based Policies
• Implementing Threat Remediation
• Lab 8: Advanced Security in the Cloud
Day 4
Chapter 11: Implementing a Transit VPC
• Transit VPC Overview
• Transit VPC Designs
• Implementing a Transit VPC
• Implement Spoke VPCs
• Lab 9: Implementing a Transit VPC
Chapter 12: Automation in Azure using ARM
• Todays’ Networking Environment
• CEM Overview
• CEM Use Cases