Integrating Juniper Networks Firewalls and VPNs into High-Performance Networks

Course ID    :   EDU-JUN-IFVH

Length    :   Three days

About this Course Overview

This three-day course focuses on the ScreenOS features that are typically necessary in large-scale networks, including dynamic routing, virtual systems, traffic shaping, and high availability. Upon completing this course, students should be able to successfully install and configure ScreenOS devices. Students should also be able to verify that a ScreenOS device is interoperating in the network as desired. Through demonstrations and hands-on labs, students gain experience in configuring, testing, and troubleshooting these advanced features of ScreenOS software. This course is based on ScreenOS version 6.2.


Objectives

After successfully completing this course, you should be able to:

  • Configure virtual systems, including standard, IP-based, and transparent mode.
  • Configure dynamic routing protocols, including OSPF and Border Gateway Protocol (BGP).
  • Configure multicast operations, including Internet Group Management Protocol (IGMP) and Protocol
  • Independent Multicast-Sparse Mode (PIM-SM).
  • Configure high availability in both static routing and dynamic routing environments.
  • Configure traffic shaping features.
  • Verify operations and troubleshoot all previous configurations.

Intended Audience

This course is intended for network engineers, network support personnel, and reseller support personnel.


Course Level

IFVH is an intermediate-level course.


Prerequisites

The prerequisites for this course include the following:

  • Completion of the Configuring Juniper Networks Firewall/IPsec VPN Products (CJFV) course or equivalent product experience; and
  • General networking knowledge, including and understanding of Ethernet, TCP/IP, and routing concepts.

Course Contents

Day One

Chapter 1  :  Course Introduction

Chapter 2  :  ScreenOS Basics Review

  • Concepts Review
  • Configuration Review
  • Lab 1: ScreenOS Basics Review

Chapter 3: Interior Gateway Protocols

  • RIP Operations
  • OSPF Operations
  • OSPF Configuration
  • Verification and Troubleshooting
  • Lab 2: Part 1-Configuring OSPF
  • Route Redistribution
  • Lab 2: Part 2-Configuring Redistribution
  • Route Optimization
  • Lab 2: Part 3-Optimizing Routing Tables

Chapter 4: GBP

  • BGP Operations
  • EBGP Configuration
  • Verification and Troubleshooting
  • IBGP Configuration
  • BGP Connectivity
  • Lab 3: Configuring BGP

Day Two - Chapter 5: Advanced Static Routing

  • Source-Based Routing
  • Policy-Based Routing
  • Destination Routing
  • Lab 4: Configuring Advanced Static Routes

Chapter 6: Multicast

  • Multicast Overview
  • IGMP Operations
  • IGMP Configuration
  • PIM-SM Operations
  • PIM-SM Configuration
  • Multicast Policies
  • Lab 5: Configuring Multicast Support

Chapter 7: Virtual Systems

  • Vsys Operations and Concepts
  • Configuring Vsys Using Interface Classification
  • Lab 6: Part 1-Creating a Vsys
  • Vsys Resource Management
  • Inter-Vsys Routing
  • Lab 6: Part 2 and 3-Inter-Vsys Routing and Route Export
  • Address Translation
  • Lab 6: Part 4-Address Translation

Day Three - Chapter 8: Redundancy

  • NSRP Terms and Concepts
  • Configuring NSRP Active/Passive
  • Configuring NSRP Active/Active, VSD-Less Cluster, and NSRP-Lite
  • Tuning Failover Performance
  • VRRP Support
  • Redundant Interfaces

Chapter 9: Traffic Management

  • Need for Traffic Management
  • Egress Traffic Shaping
  • Ingress Policing
  • DSCP Marking

Appendix A: Virtual Systems Variations

  • Vsys with IP Classification
  • Transparent Mode Vsys