Implementing Juniper Networks Secure Analytics

3 Day Course
Hands On
Official Juniper Curriculum
Code IJSA

Book Now - 2 Delivery Methods Available:

Classroom Virtual Classroom Private Group - Virtual Self-Paced Online

Overview

This three-day course discusses the configuration of Juniper Networks JSA Series Secure Analytics (formerly known as Security Threat Response Manager [STRM]) in a typical network environment. Key topics include deploying a JSA Series device in the network, configuring flows, running reports, and troubleshooting.

Through demonstrations and hands-on labs, students will gain experience in configuring, testing, and troubleshooting the JSA Series device. This course uses the Juniper Networks Secure Analytics (JSA) VM virtual appliance for the hands-on component. This course is based on JSA software 2014.2R4. Implementing Juniper Networks Secure Analytics is an introductory-level course.

Objectives

After successfully completing this course, you should be able to:

  • Describe the JSA system and its basic functionality.
  • Describe the hardware used with the JSA system.
  • Identify the technology behind the JSA system.
  • Identify the JSA system’s primary design divisions—display versus detection, and events versus traffic.
  • Plan and prepare for a new installation.
  • Access the administration console.
  • Configure the network hierarchy.
  • Configure the automatic update process.
  • Access the Deployment Editor.
  • Describe the JSA system’s internal processes.
  • Describe event and flow source configuration.
  • List key features of the JSA architecture.
  • Describe the JSA system’s processing logic.
  • Interpret the correlation of flow and event data.
  • List the architectural component that provides each key function.
  • Describe Events and explain where they come from.
  • Access the Log Activity interface.
  • Execute Event searches.
  • Describe flows and their origin.
  • Configure the Network Activity interface.
  • Execute Flow searches.
  • Specify the JSA system’s Asset Management and Vulnerability Assessment functionality.
  • Access the Assets interface.
  • View Asset Profile data.
  • View Server Discovery.
  • Access the Vulnerability Assessment Scan Manager to produce vulnerability assessments (VAs).
  • Access vulnerability scanner configuration.
  • View vulnerability profiles.
  • Describe rules.
  • Configure rules.
  • Configure Building Blocks (BBs).
  • Explain how rules and flows work together.
  • Access the Offense Manager interface.
  • Understand Offense types.
  • Configure Offense actions.
  • Navigate the Offense interface.
  • Explain the Offense summary screen.
  • Search Offenses.
  • Use the JSA system’s Reporting functionality to produce graphs and reports.
  • Navigate the Reporting interface.
  • Configure Report Groups.
  • Demonstrate Report Branding.
  • View Report formats.
  • Identify the basic information on maintaining and troubleshooting the JSA system.
  • Navigate the JSA dashboard.
  • List flow and event troubleshooting steps.
  • Access the Event Mapping Tool.
  • Configure Event Collection for Junos devices.
  • Configure Flow Collection for Junos devices.
  • Explain high availability (HA) functionality on a JSA device.

Target Audience

This course is intended for network engineers, support personnel, reseller support, and anyone responsible for implementing the JSA system.

Training Partners

We work with the following best of breed training partners using our bulk buying power to bring you a wider range of dates, locations and prices.

Modules

Hide all

Product Overview (4 topics)

  • Overview of the JSA Series Device
  • Hardware
  • Collection
  • Operational Flow

Initial Configuration (5 topics)

  • A New Installation
  • Administration Console
  • Platform Configuration
  • Deployment Editor
  • Lab 1: Initial Configuration

Architecture (3 topics)

  • Processing Log Activity
  • Processing Network Activity
  • JSA Deployment Options

Log Activity (3 topics)

  • Log Activity Overview
  • Configuring Log Activity
  • Lab 2: Log Activity

Network Activity (3 topics)

  • Network Activity Overview
  • Configuring Network Activity
  • Lab 3: Network Activity

Assets and Vulnerability Assessment (4 topics)

  • Asset Interface
  • Vulnerability Assessment
  • Vulnerability Scanners
  • Lab 4: Assets and Vulnerability Assessment

Rules (3 topics)

  • Rules
  • Configure Rules and Building Blocks
  • Lab 5: Rules

Offense Manager (4 topics)

  • Offense Manager
  • Offense Manager Configuration
  • Offense Investigation
  • Lab 6: Configure the Offense Manager

JSA Reporting (6 topics)

  • Reporting Functionality
  • Reporting Interface
  • Lab 7: Reporting
  • Chapter 11: Basic Tuning and Troubleshooting
  • Basic Tuning
  • Troubleshooting

Configuring Junos Devices for Use with JSA (3 topics)

  • Collecting Junos Events
  • Collecting Junos Flows
  • Lab 8: Configuring Junos Devices for JSA

Appendix A: High Availability (2 topics)

  • High Availability
  • Configuring High Availability

Prerequisites

This course assumes that students have basic networking knowledge and experience in the following areas:

  • Understanding of TCP/IP operation;
  • Understanding of network security concepts; and
  • Experience in network security administration.

Scheduled Dates

Please select from the dates below to make an enquiry or booking.

Pricing

Different pricing structures are available including special offers. These include early bird, late availability, multi-place, corporate volume and self-funding rates. Please arrange a discussion with a training advisor to discover your most cost effective option.

Code Location Duration Price Oct Nov Dec Jan Feb Mar
IJSA
Zoom Virtual Centre
3 Days $2,315

Course PDF

Print

Share this Course

+1
Share

Recommend this Course

Sections