Integrating Juniper Networks Firewall/IPSec VPN Products into High-Performance Networks (IFVH)

This three-day course focuses on the ScreenOS features that are typically necessary in large-scale networks, including dynamic routing, virtual systems, traffic shaping, and high availability. Upon completing this course, students should be able to successfully install and configure a ScreenOS device. Students should also be able to verify that a ScreenOS device is interoperating in the network as desired. Through demonstrations and hands-on labs, students gain experience in configuring, testing, and troubleshooting these advanced features of ScreenOS software.


After successfully completing this course, you should be able to:
  • Configure virtual systems, including standard, IP-based, and transparent mode.
  • Configure dynamic routing protocols, including OSPF and Border Gateway Protocol (BGP).
  • Configure multicast operations, including Internet Group Management Protocol (IGMP) and Protocol Independent Multicast sparse mode (PIM SM).
  • Configure high availability in both static routing and dynamic routing environments.
  • Configure traffic shaping features.
  • Verify operations and troubleshoot all previous configurations.

Intended Audience:
This course is intended for network engineers, network support personnel, and reseller support personnel.

Course Level:
Integrating Juniper Networks Firewall/IPsec VPN Products into High-Performance Networks is an intermediate-level course.

The prerequisites for this course include the following:
  • Completion of the Configuring Juniper Networks Firewall/IPsec VPN Products (CJFV) course or equivalent product experience; and¬†
  • General networking knowledge, including an understanding of Ethernet, TCP/IP, and routing concepts.

Course Contents

Day 1

Chapter 1: Course Introduction

Chapter 2: ScreenOS Basics Review
  • Concepts Review¬†
  • Configuration Review
  • Lab: ScreenOS Basics Review

Chapter 3: Interior Gateway Protocols
  • RIP Operations
  • OSPF Operations
  • OSPF Configuration
  • Verification and Troubleshooting
  • Lab: Configuring OSPF?Part 1
  • Route Redistribution
  • Lab: Configuring OSPF?Part 2
  • Route Optimization
  • Lab: Configuring OSPF?Part 3

Chapter 4: BGP
  • BGP Operations
  • EBGP Configuration
  • Verification and Troubleshooting
  • IBGP Configuration
  • BGP Connectivity
  • Lab: Configuring BGP

Day 2

Chapter 5: Advanced Static Routing
  • Source-Based Routing
  • Policy-Based Routing
  • Destination Routing
  • Lab: Configuring Advanced Static Routes

Chapter 6: Multicast
  • Multicast Overview
  • IGMP Operations
  • IGMP Configuration
  • PIM SM Operations
  • PIM SM Configuration
  • Multicast Policies
  • Lab: Configuring Multicast Support

Chapter 7: Virtual Systems
  • Vsys Operations and Concepts
  • Configuring Vsys Using Interface Classification
  • Lab: Configuring Virtual Systems?Part 1
  • Vsys Resource Management
  • Inter-Vsys Routing
  • Lab: Configuring Virtual Systems?Parts 2 and 3
  • Address Translation
  • Lab: Configuring Virtual Systems?Part 4

Day 3

Chapter 8: Redundancy
  • NSRP Terms and Concepts
  • Configuring NSRP Active/Passive
  • Configuring NSRP Active/Active, VSD-Less Cluster, and NSRP-Lite
  • Tuning Failover Performance
  • VRRP Support
  • Redundant Interfaces
  • Demo: NSRP

Chapter 9: Traffic Management
  • Need for Traffic Management
  • Egress Traffic Shaping
  • Ingress Policing
  • DSCP Marking

Appendix A: Virtual Systems Variations
  • Vsys with IP Classification
  • Transparent Mode Vsys