Juniper Service Provider Edge Security (JSPES) (JSPES) - Details

Detaillierter Kursinhalt


1 Course Introduction

2 Security Challenges for Service Providers

  • Describe limitations of security devices
  • Describe DDoS attack threats
  • Describe BGP security threats
  • Explain IP address depletion challenges
  • Describe 5G security challenges

3 Juniper Networks Solutions for Service Providers

  • Describe Juniper Networks’ security solutions for the service provider challenges

4 Stateful Firewalls

  • Describe stateless firewall filters
  • Describe stateful firewall policies
  • Describe screens and ALGs
  • Explain asymmetrical routing

Lab 1: Configure Stateful Firewalls

5G Architecture using SRX Series Devices

  • Describe security insertion points
  • Describe 5G network evolution

6 DDoS Protection

  • Explain DDoS history and common protections
  • Describe SRX DDoS protection
  • Describe BGP FlowSpec
  • Describe Corero with MX DDoS protection

Lab 2: DDoS Protection


7 Carrier-Grade NAT

  • Explain IPv4 address exhaustion
  • Describe Source NAT
  • Describe CGNAT
  • Describe NAT64

Lab 3: CGNAT

8 Juniper Connected Security for Service Providers

  • Explain Juniper Connected Security
  • Describe SecIntel feeds
  • Describe a use case for IoT protection

Lab 4: Implementing Juniper Connected Security

9 IPsec Overview

  • Describe the IPsec and IKE protocols
  • Configure site-to-site IPsec VPNs
  • Describe and configure Proxy IDs and Traffic selectors
  • Monitor site-to-site IPsec VPNs
  • Describe IPsec use with gNodeB devices

Lab 5: Site-to-Site IPsec VPN

10 Scaling IPsec

  • Describe and implement PKI certificates in Junos OS
  • Describe AutoVPN
  • Describe SecGW firewall use case for scaling IPsec

Lab 6: Configuring AutoVPN


11 GPRS and GTP

  • Describe how to secure GTP tunnels
  • Describe the GPRS protocol
  • Describe the GTP
  • Explain how Roaming Firewall secures GTP


  • Describe the SCTP

Lab 7: Video about Implementing the Roaming Firewall (Demo)

13 Securing the Control Plane

  • Explain how to secure the control plane on Junos devices
  • Describe how the loopback filter works to secure the control plane
  • Explain how to protect the control plane from DDoS attacks
  • Describe how to secure the IGP against attacks

Lab 8: Configure Control Plane Protections

14 Securing the BGP

  • Describe how to secure the BGP
  • Describe BGP security features
  • Describe BGP dampening

Lab 9: Configure BGP protections