Résumé du cours
This four-day course is designed to provide students with the knowledge required to implement Juniper Networks vSRX in the AWS and Azure environments. Students will gain in-depth knowledge about how to launch and configure the vSRX using different cloud designs. Through demonstrations and hands-on labs, students will gain experience deploying the vSRX in multiple configurations to secure cloud resources. This course uses various releases of the vSRX from Junos OS version 15.1X49-D100 through Junos OS version 19.1R1, as well as Space, Security Director, and Policy Enforcer releases 19.1R1.
A qui s'adresse cette formation
The primary audiences for this course are the following:
- Individuals who want a basic understanding of the cloud operations, terms, and structure needed to work in cloud environments;
- Individuals who want to learn how to securely expand their IT operations into the cloud with the vSRX and understand their design choices.
Certifications
Cette formation prépare à la/aux certifications:
Pré-requis
The following are the prerequisites for this course:
- Basic TCP/IP skills;
- Basic understanding of the Junos operating system;
- Basic understanding of the SRX Series device and its range of security features.
Objectifs
After successfully completing this course, you should be able to:
- Describe major cloud concepts.
- Describe how virtualization is used in the cloud.
- Describe various security designs used in the cloud.
- Describe the AWS architecture and explain how each tier will be used.
- Access the AWS management console.
- Create an AWS user account.
- Launch an Amazon service.
- Navigate the AWS Marketplace to find Juniper offerings.
- Describe the operation of the vSRX in AWS.
- Launch a vSRX device in AWS.
- Configure the vSRX to pass traffic.
- Describe CloudFormation features.
- Describe the CloudFormation template format.
- Describe the basics of JSON and YAML.
- Use a CloudFormation template.
- Describe Azure cloud services.
- Describe the Azure cloud architecture.
- Navigate the Azure portal.
- Control access to Azure.
- List the steps to follow to launch an Azure service.
- Navigate the Azure Marketplace to find Juniper products.
- List the vSRX offerings in Azure.
- Describe the pre-launch considerations for the vSRX in Azure.
- List the steps required to launch the “vSRX Next Generation Firewall” in Azure.
- List the steps required to launch the “vSRX A Security Gateway” in Azure.
- Describe the configuration needed for the vSRX to work in Azure.
- Describe the Azure Resource Manager Features.
- Describe the Azure Resource Manager Template Format.
- Deploy an Azure Resource Manager Template.
- List the various ways to connect to and between cloud resources.
- Describe the Transit VPC’s purpose and operation.
- Describe various Transit VPC designs.
- Create a Transit VPC in AWS.
- Configure Spoke VPCs to connect to a Transit VPC.
- Describe secure connection operations.
- Describe the configuration requirements to establish an IPsec tunnel between an Enterprise/DC SRX and the AWS cloud.
- Describe the configuration requirements to establish an IPsec tunnel between an Enterprise/DC SRX and a vSRX in the AWS cloud.
- Describe the configuration requirements to establish an IPsec tunnel between cloud networks using the vSRX.
- List the advanced vSRX security features that can be used to protect cloud resources.
- Describe the components needed to implement Juniper Networks Connected Security in the cloud.
- Configure AWS cloud components needed to support Juniper Networks Connected Security in the cloud.
- Configure Space with Security Director and Policy enforcer to implement Juniper Networks Connected Security to protect AWS cloud resources.
- Describe the benefits provided by CEM.
- Describe the use cases of CEM.
Contenu
Day 1
Chapter 1: Course Introduction
Chapter 2: Cloud Overview
- Cloud Concepts
- Cloud Virtualization
- Cloud Security
Chapter 3: Introduction to AWS
- Amazon Web Services Overview
- Amazon Management Console
- Create and Identity and Management Account
- Launch and Access and EC2 Server
- Amazon Marketplace
- Lab 1: Introduction to AWS
Chapter 4: Implementing the vSRX in AWS
- Understand the operation of the vSRX in AWS
- Launch a vSRX device in AWS
- Configure the vSRX to Pass Traffic
- Lab 2: Implementing the vSRX in AWS
Day 2
Chapter 5: Automation in AWS using CloudFormation
- CloudFormation Overview
- Understanding CloudFormation Templates
- JSON and YAML Overview
- Create a CloudFormation Stack
- Lab3: Automation in AWS using CloudFormation
Chapter 6: Introduction to Azure
- Azure Overview
- Azure Architecture
- Azure Portal
- Control Access to Azure
- Launch and Access a Windows Server
- Azure Marketplace
- Lab4: Introduction to Azure
Chapter 7: Implementing the vSRX in Azure
- The vSRX in Azure
- Pre-Launch Planning
- Launching the “vSRX Next Generation Firewall” in Azure
- Launching the “vSRX A Security Device” in Azure
- Configuring the vSRX for Azure
- Lab 5: Implementing the vSRX in Azure
Day 3
Chapter 8: Automation in Azure using ARM
- Azure Resource Manager Overview
- Understanding ARM Templates
- Creating ARM Templates
- Deploy an ARM Template
- Lab 6: Automation in Azure using ARM
Chapter 9: Cloud Connectivity
- Connectivity Options
- Secure Connections
- DC SRX to AWS Virtual Private Gateway
- DC SRX to vSRX in AWS
- VPC Peering using the vSRX
- Lab 7: Cloud Connectivity
Chapter 10: Advanced Security in the Cloud
- Advanced Security Options Overview
- Configure the network for SDSN
- Connecting to AWS
- Configure Metadata-Based Policies
- Implementing Threat Remediation
- Lab 8: Advanced Security in the Cloud
Day 4
Chapter 11: Implementing a Transit VPC
- Transit VPC Overview
- Transit VPC Designs
- Implementing a Transit VPC
- Implement Spoke VPCs
- Lab 9: Implementing a Transit VPC
Chapter 12: Automation in Azure using ARM
- Todays’ Networking Environment
- CEM Overview
- CEM Use Cases