Juniper firewall

Juniper firewall

Summary rating from 0 user's marks. You can set own marks for this article - just click on stars above and press "Accept".


Juniper Networks Certified courses (JNCIA & JNCIS) are designed for networking professionals with beginner to intermediate knowledge of Juniper Firewall/VPN products and ScreenOS software. Juniper firewall / VPN certification track is a two-tiered program that allows participants to demonstrate competence with Juniper Networks Firewall with VPN products and the ScreenOS software.

Juniper Networks Technical Certification Program (JNTCP)
Firewall / VPN Track

Juniper training

This course is designed for students who are new to Juniper SRX platform and looking to expand their skill sets in network and secuirty domain. Candidates should have basic understaing on ip addressing, routing and switching technoilogies.

Upon completion of this course, students will be able to:

  • Explain the features and advantages of the juniper SRX firewall platform.
  • Perform the basic & advance configuration of the firewall including:
    • Configuring interfaces, security policies
    • Setting up detailed operation of NAT
    • Enable policy and route based IPSEC VPN
    • Chassis cluster operation and configuration
    • Juniper IDP & Screen options
    • UTM overview
    • Troubleshooting using packet capture tools

Course content

Module 0 – Security basics & firewall technologies overview

  • Network security concepts explained
  • Enterprise security architecture – defense in depth / layered security architecture
  • Understanding various firewall technologies likes of :
    • Packet filter firewall
    • Application gateway firewall
    • Stateful Inspection
    • Next generation firewall
  • Basic understanding on Various application protocols including HTTP, FTP, DNS & DHCP
  • Overview of PKI infrastructure

Module 1 – Juniper platform Architecture

  • Understanding on Juniper SRX platform
    • Difference between netscreen and SRX devices
    • Junos hardware architecture
    • Session setup process in hardware
  • SRX software architecture including interface , security zones and virtual routers
  • Design consideration with Juniper SRX devices
  • Detailed hardware and software packet flow
  • Overview of PKI infrastructure

Module2 – Administration & Security Policies

  • Detailed overview of functional zones
  • Understanding on using firewall filters to control management access
  • Understating Juniper security rule base
    • Interzone policies
    • Intrazone policies
    • Global policies
    • Security policy designing best practices
  • Understanding session table entries
  • Overview of Junos ALG

Module3 – Network Address Translation

  • Overview on NAT requirements
  • Network address translation
    • Source NAT
    • Destination NAT
    • Static NAT
    • Dual NAT
    • Persistence NAT
    • Full con & Half con NAT
  • Design consideration while using different types of NAT
    • NAT Specific traffic flow
    • Overlapping network communication using NAT
    • Applications affected by NAT
  • Understating and implementation of NAT policies

Module 4 – VPN

  • Overview of VPN technologies
    • SSL
    • IPsec VPN
  • Understating on policy based vpn and its limitations
  • Route based VPN
  • Implementing VPN with dynamic routing on Juniper SRX firewall
  • Understanding on NAT-T in IPSEC VPN
  • Designing of complex VPN infrastructure with VPN failover

Module 5 – High Availability

  • Understanding of Juniper chassis cluster
  • Overview on active-active and active-standby cluster
    • High Availability
    • load sharing
    • Concept of reth,fab and fxp interfaces
  • understating and managing split brain condition
  • Failover Conditions
  • Understanding of complexities involved in cluster with asymmetric routing

Module 6– Troubleshooting

  • Overview of troubleshooting methodology on Juniper firewall
  • Troubleshooting of address spoofing issues
  • Troubleshooting security policies and NAT
  • Juniper tools to troubleshoot
    • Chassis cluster
  • Packet level troubleshooting with packet capture tools
  • Troubleshooting using pcap files – overview of wireshark tool

Module 7 – Firewall user authentication

  • Overview of user authentication to configure network access rules
  • Integration with Active Directory/ LDAP
  • Understanding on different authentication scenarios
    • Web authentication
    • Pass through authentication

Module 8 – UTM Overview

  • Overview of different UTM features in SRX platform
  • Understanding on Antivirus , Content and URL filtering
    • AV operation and monitoring
    • Configuration of content and web filtering
  • Understanding on antispam process
    • Configuration of antispam policy
    • Monitoring antispam

Module 9 – Attack Mitigation

  • Understanding on different types of attacks
  • Mitigation of attacks using :
    • Screen options
    • Firewall filters
  • IDP technology overview , Need for IDP , IDP components
  • Configuration and tuning of IDP
  • Troubleshooting IDP issues
Book Your Course

It always gives an pleasure and amazing feeling when someone ask me “Hey, I wanna learn more security stuff” and I say ” why don’t you go there..” And response is always “do you mean Dwarka or vikas and govil..?? I always add by saying proudly that whatever I am or where ever I’ll go is all because of them. No alternatives no confusions just go and grow.


Firewall Firm is the place where the guidance and learning given is completely extempore and in depth. A topic is covered till even a single person is able to answer almost everything about it with confidence. So I like the way a topic is chased and learned to everyone with exposure to real time industry scenarios.

(Redington gulf)

Deepak Mishra

Firewall Firm is certainly a tremendous approach to master the information security aspects and technologies. It helped upgrading my signature from technical support to It security Specialist and ensures more upgrades in near future.


I worked with an MNC for last 3 years in a track which has no growth and career options. So started my Hunt and of course Search engine is the first that we use. Some of my friends recommended to go with IT/Network security as a first Go and suggested me to Join Firewall Firm. The very first day in Firewall Firm gave me a lot of learning, confidence, opportunities, reasons and most important Learning and growth is a priority.
It’s almost 1 year I have completed with troika and still thankful that I did not opt to use Search Engine optimization for a hunt of institutes.

Phone: +91 96540 16484
mobile: +91 958 290 7788
B-71, Shalimar Garden Extn-2, Sahibabad, Ghaziabad, Near Raj Bag Metro Station
IT Monteur
Style switcher RESET
Body styles
Color settings
Link color
Menu color
User color
Background pattern
Background image