for IT Professionals - Milestone Systems

CERTIFIED TRAINING for IT Professionals Find Classroom and Instructor-Led Virtual Classes in:

Milestone instructors are engineers who eat and breathe network security in the real world. They are not isolated classroom guys -- and that makes the Authorized Training Centers (ATC) of Milestone Systems the preferred choice of network professionals.

[email protected] Toll-free: 866-646-9211 www.milestonesystems.com/training 2014

CERTIFIED TRAINING COURSE TITLE

PAGE

for IT Professionals

COURSE TITLE

PAGE

F5 Networks

Juniper Networks

BIG-IP Local Traffic Manager (LTM) Essentials ............................. 3 BIG-IP Local Traffic Manager (LTM) Advanced ........................... 4 Changes in BIG-IP Due to V11 ............................................................ 5 Configuring BIG-IP LTM - V11 ............................................................ 6 Troubleshooting BIG-IP LTM ............................................................. 7 BIG-IP Global Traffic Manager (GTM) ............................................. 8 How to Architect F5’s BIG-IP ............................................................. 9 Developing iRules ................................................................................... 10 Developing iApps for BIG-IP V11.2 ................................................. 11 F5 Application Security Manager (ASM)......................................... 12 BIG-IP LTM Web Accelerator .............................................................. 13 Configuring Advanced Firewall Mgr (AFM) - V11........................ 14 WAN Optimization Module ............................................................... 15 Access Policy Manager ......................................................................... 16 Administering BIG-IP - V11 .................................................................. 17 Configuring BIG-IP LTM - V11.............................................................. 18 Configuring BIG-IP Viprion - V11 ...................................................... 19 Configuring & Administering ARX ................................................. 20 Troubleshooting & Monitoring ARX V6 1.1 ................................... 21 Firewall - V6 ............................................................................................... 22 Configuring Enterprise Manager - V3 ........................................... 23

Introduction to JUNOS (IJOS) ..................................................................... 32 JUNOS Routing Essentials (JRE) ................................................................. 33 JUNOS Security ................................................................................................ 34 Advanced JUNOS Security (AJSEC) .......................................................... 35 JUNOS Enterprise Switching (JEX) ............................................................ 36 Service Provider & Enterprise Routing ................................................... 37 Configuring Juniper Network Secure Access (CJSA) ......................... 38 Advanced Juniper Networks Secure Access (AJSA) ........................... 39 Intro to Juniper Networks Wireless LAN (IJWL) .................................. 40 JNCIP/IC Prep: Remote Proctored Practice Exam ............................... 41 ACX Universal Access Routers Overview & Deployment (WBT).... 42 Advanced IP Sec VPN Implementations ................................................ 43 Advanced Wireless LANs (AJWL) ............................................................... 44 Advanced Junos Enterprise Routing (AJER) ......................................... 45 Junos Intermediate Routing (JIR) ............................................................. 46 Advanced Enterprise Routing Troubleshooting (AJERT) ................. 47 Advanced Enterprise Security Troubleshooting (AJEST).................. 48 Advanced Junos Enterprise Switching (AJEX)...................................... 49 Advanced Enterprise Switching Troubleshooting (AJEXT) .............. 51 Advanced Junos Service Provider Routing (AJSPR) .......................... 52 Advanced Junos Service Provider Troubleshooting (AJSRT) ........ 53 Attack Prevention with Juniper Firewalls (APJF) ................................ 54 Configuring & Monitoring QFabric Systems (APJF)............................. 55 Configuring/Monitoring VGW Virtual Gateway (CMvGW)............... 56 Confirguring Firewall/IP Sec VPN (CJFV) ............................................... 57 Configuring Security Threat Response Manager (CSTRM) ............ 58 Configuring Steel-Belted Radius Carrier ................................................. 59 E-Series Broadband Remote Access Server Config Basics (BB) ..... 60 E-Series Routing Protocols (CIRCUIT) ....................................................... 61 Implementing Intrusion Detection/Prevention (IIDP)....................... 62 Integrating Firewall/IP Sec VPN (IFVH)..................................................... 63 Introduction to Juniper Networks Routers E-Series (ERX) .............. 64 Introduction to Juniper Networks Wireless LANs (IJWL) ................ 65

Palo Alto Networks Firewall Essentials (PAN-EDU-201) ............................................ 24 Firewall Extended Management (PAN-EDU-205) ............... 25 Panorama Essentials (PAN-EDU-221) ....................................... 26 Firewall Troubleshooting (PAN-EDU-311) .............................. 27

Blue Coat Systems Certified WAN Acceleration Administrator (BCWAA) .............. 28 Certified WAN Acceleration Professional (BCWAP) ................... 29 Certified ProxySG Administrator (BCCPA) ..................................... 30 Certified ProxySG Professional (BCCPP) ........................................ 31

Cisco IronPort S-Series Email Security........................................................................... 67 C-Series Email Security........................................................................... 68

Check Point Security Administration R76 GAIA.....................................................70 Security Engineering R76 GAIA...........................................................71

Toll-Free 866-646-9211 Email [email protected] Register Online www.milestonesystems.com/training Payment We accept all major credit cards and purchase orders, as well as Learning Credits from certain manufacturers.

F5 Networks BIG-IP LTM ®

Essentials

T

his comprehensive course gives network professionals a functional understanding of the F5 Networks BIGIP Local Traffic Manager (LTM) system as it is commonly used. The course covers installation, configuration, and management of BIG-IP LTM systems and redundant pairs. This hands-on course includes lectures, labs, and discussions, and is taught by a field-experienced F5-certified engineer.

Topics Covered • • • • • • • •

Installation and Licensing Virtual Servers and Pools Load Balancing Profiles iRules Persistence Health Monitors SSL Termination/Certificate Management • Redundant Pairs • Mirroring Connection and Persistence Data • Detecting Network Failures

By the end of this course, the student should be able to perform an initial configuration using the Setup Utility and build many common configurations of BIG-IP LTM system using the Graphical User Interface (browser-based.) In addition, the student should be able to monitor and manage common tasks concerning traffic processed through the BIG-IP LTM system. To fully benefit from this class, the student should already understand • Common network terminology • TCP/IP addressing and routing • Internetworking concepts • Common elements of WAN and LAN environments • Data Center Server redundancy concepts

This class is a prerequisite for taking: • • •

BIG-IP LTM Advanced (p 4) Troubleshooting BIG-IP LTM (p 8) Architecting BIG-IP in an Application Delivery Network (p 9)

Length of Class: 2 Days Time: 8:30 am to 4:30 pm Tuition: $1995 Take this to go on to: LTM Advanced (p 4) Live Instructor Format Options: (1) Classroom at a Milestone Training Facility. (2) On-site at your facility (3) Virtual, instructor-led How to Register: - Call Toll-Free 866-646-9211 and ask for Training Dept - [email protected] - www.milestonesystems.com/training See www.milestonesystems.com/training for the most current class schedules & locations.

Combo Bundle: Milestone Systems typically schedules these two classes (Essentials & Advanced) for the same week for your convenience. See specific dates and locations at www.milestonesystems. com/training, or call toll free: 866-646-9211

“IT professionals want training because it helps them build experience and gain credibility in the industry,” Paul Eck, Milestone Systems Director of Educational Services observes. “It also helps them do their jobs and focus on things that are important. Sitting on the phone with the manufacturer’s help desk is not efficient. Milestone’s training enables IT professionals become more proficient and add more value to their organizations.”

www.milestonesystems.com/training

866-646-9211

[email protected]

Certified Training for IT Professionals

3


Advanced

T

he LTM Advanced course teaches network professionals how to get the most benefit from the F5 Networks BIG-IP Local Traffic Manager (LTM) system. It builds on the foundation of the BIG-IP LTM Essentials course (p 3) by covering less-commonly used but more powerful ways of using the many features of the BIG-IP LTM system. Significant time is spent using the command line tools to configure the system and advanced troubleshooting. This hands-on course includes lectures, labs, and discussions with the F5certified, field-experienced instructor. Who Should Attend Experienced users of the BIG-IP family of products

Topics Covered

• Command Line Configuration using tmsh • BIG-IP Administration -Clustered Multi Processing (CMP ) -Restricting Access -Logging and SNMP traps -Admin Domains • Monitors Part 2 • iRules Part 2 • Virtual Servers Part 2 • SNATs Part 2 -SNAT Pools and Automap -VIP Bounceback

• Persistence Part 2 • Profiles Part 2 -HTTP Compression -RAM Cache for HTTP -TCP client and server Profiles -Streaming Profile


4

Pre-Requisites: Students must have successfully completed the BIG-IP LTM Essentials course (p 3), or passed the BIG-IP LTM Certification Exam 521 from Prometric. This course is a mandatory prerequisite for taking the Architecting BIG-IP in an Application Delivery Network course (p 9.) By the end of this course, the student should be able to perform many advanced configurations of BIG-IP LTM systems using either the Graphical User Interface (browser based) or command line interface. In addition, the student should be able to monitor and manage most tasks concerning traffic processed through the LTM.

To fully benefit from this class, the student should already understand

• TCP/IP Addressing and Routing • The Address Resolution Protocol • Direct and Indirect Routing • TCP Handshakes • Command Line Configuration including Commands and Parameters • Command Line Access (DOS or UNIX) • Common elements of WAN and LAN, and differences between their components • Fundamental programming concepts such as variable assignments and logical operations • The Linux File System • Pico editor or VI editor • The tcpdump program • Shell scripting • TCL (Tool Control Language)

866-646-9211

[email protected]

Length of Class: 2 Days Time: 8:30 am to 4:30 pm Tuition: $2495 Take this to go on to: Architecting BIG-IP (p 9) Live Instructor Format Options: (1) Classroom at a Milestone Training Facility. (2) On-site at your facility (3) Virtual, instructor-led How to Register: - Call Toll-Free 866-646-9211 - [email protected] - www.milestonesystems.com/training See www.milestonesystems.com/training for the most current class schedules & locations.

“The real world experience and vast F5 knowledge was a great asset to this course! I would certainly take another course by this instructor.” -- Matt T., Senior Network Analyst (about F5 LTM class)


Changes in BIG-IP LTM ®

Due to v11

V

ersion 11 of F5’s TMOS operating system implements enough functional changes in BIG-IP configuration that a course is warranted. Our 1-day course is designed for Network & Security Professionals who already understand previous versions of BIG-IP.

v11 TMOS

The class covers 6 key subject areas, including: • Setup utility changes for BIG-IP v11 • vCMP feature in v11 • Configuring iApps in BIG-IP v11 • High Availability in v11 (Sync-Failover Device Groups) • High Availability part 2 (Traffic Groups) • Folders & Sync-Only Device Groups

“Just a quick message to let you know that your instructor did an AWESOME job on the F5 v11 virtual class this week, especially keeping it interactive. Once again Milestone exceeds all expectations of your training engineer's product knowledge and overall industry networking expertise.” -- Josh P., Network Admin at an energy company


What’s New in v11? BIG-IP running F5’s version 11 of the TMOS operating system enables a comprehensive view of users, applications, and the network. This new approach to provisioning network services for your applications helps you better respond to changing business needs.

Align Services with Specific Applications New iApps technology associates specific sets of services into perapplication policies via easy-to-use templates. Authentication, data protection, traffic management, and acceleration are provisioned as application services rather than as individual devices and objects.

Deploy up to 100x Faster Preconfigured application services dramatically simplify deployment. Services move with applications as new instances are created locally, virtually, or in the cloud. Spend a lot less time and OpEx on deployment and management.

Improve IT and Business Efficiency

Length of Class: 1 Day Time: 8:30 am to 4:30 pm Tuition: $995 Live Instructor Format Options: (1) Classroom at a Milestone Training Facility. (2) On-site at your facility (3) Virtual, instructor-led How to Register: - Call Toll-Free 866-646-9211 and ask for Training Dept - [email protected] - www.milestonesystems.com/training

Virtualize and Scale On Demand Move application delivery workloads as easily as you move virtual server workloads with the virtualization and multi-tenancy capabilities of F5 ScaleN functionality.

Thwart Multi-Layer Cyber Attacks Get cross-layer visibility, detection, and protection with centralized network security, web security, and access control. Unified network and application security protects users, applications, and data.

iApps Analytics give you real-time visibility into application and user performance. Assess, isolate, and address problem areas and manage resources with greater business insight.

866-646-9211

[email protected]


5

Configuring BIG-IP LTM ®

v11

This 3-day course gives networking professionals a functional understanding of the BIG-IP LTM v11 system as it is commonly used, as well as an in-depth understanding of advanced features. The course covers installation, configuration, and management of BIG-IP LTM systems. This hands-on course includes lectures, labs, and discussions.

By the end of this course, the student should be able to setup an initial configuration and build many common and advanced configurations of BIG-IP LTM systems using either the Graphical User Interface or Command Line utilities. In addition, the student should be able to monitor and manage common tasks concerning traffic processed by a BIG-IP LTM system.

2014 NOTE: This 3-day course replaces the previous 4-day version. Several topics from the 4-day course have been moved to the prerequisite Administering BIG-IP V11 Instructor-led course (p 17.) See Prerequisites.

Prerequisites

Students must have completed one of the following: • Administering BIG-IP V11 Instructorled course (p 17) • BIG-IP Local Traffic Manager (LTM) Essentials course (p 3) • Achieve F5 Certified BIG-IP Administrator certification

Milestone still offers the 4-day LTM Configuration as an open-enrollment, on-site option. Call us for details.

Audience

This course is intended for system and network administrators responsible for installation, setup, configuration, and administration of the BIG-IP LTM system.

Topics Covered: • • • • • • • • • •

Installation and Licensing Load Balancing Persistence Monitors Profiles iApps Highly Availability Non Load Balancing Virtual Servers NATs and SNATs Selected topics such as IPv6 and Route Domains • iRules


6

Length of Class: 3 Days Time: 8:30 am to 4:30 pm daily Tuition: $2995 Live Instructor Format Options: (1) Classroom at a Milestone Training Facility (2) On-site at your facility (3) Virtual, instructor-led How to Register: - Call Toll-Free 866-646-9211 and ask for Training Dept - [email protected] - www.milestonesystems.com/training See www.milestonesystems.com/ training for the most current class schedules & locations.

Before class, students should understand: • TCP/IP Addressing and Routing including: -The Address Resolution Protocol -Direct and Indirect Routing -TCP Handshakes • Command Line Configuration • Common elements of and differences between WAN and LAN components • Fundamental programming concepts. In addition, students should be proficient in: • The Linux File System • pico editor or vi editor • The tcpdump program

866-646-9211

[email protected]



Troubleshooting

D

esigned for networking professionals who manage and support F5 Networks BIG-IP Local Traffic Manager (LTM) systems. The teachings build on the knowledge gained in the BIG-IP LTM Essentials course (p 3) with exploration of architecture, support cases, OSI layer methodology, and troubleshooting labs. Taught by a field-experienced F5-certified engineer. Topics Covered: • Configuration Project • Architecture • Troubleshooting Questions • System Tools • OSI Layer Troubleshooting Methodology • Troubleshooting Tools • Troubleshooting Labs • Support Cases • Firewall Sandwiches

By the end of this course, the student will be able to troubleshoot the BIG-IP LTM system using Configuration Project and Archiecture. In addition, the student will be able to create and submit a support case. Prerequisites: Successful completion of F5 Networks BIG-IP LTM Essentials (p 3) or passing Prometric exam F50-511. To benefit from this class, the student should already understand • Common network terminology • TCP/IP addressing and routing • Internetworking concepts • Common elements of WAN and LAN environments • PC operation and application skills, including operating a CD drive, keyboard, mouse and Windows OS • Web browser operation (Internet Explorer is used in this class)

Length of Class: 2 Days Time: 8:30 am to 4:30 pm Tuition: $1995 Live Instructor Format Options: (1) Classroom at a Milestone Training Facility (2) On-site at your facility (3) Virtual, instructor-led How to Register: - Call Toll-Free 866-646-9211 and ask for Training Dept - [email protected] - www.milestonesystems.com/training See www.milestonesystems.com/ training for the most current class schedules & locations. If you don’t see the course or topic you need, contact us and we’ll find it for you. [email protected]

“Milestone decided to offer training a decade ago as a complement to our professional services and product sales,” Mark Greer, President, Milestone Systems explains. “Training is part of how we enable the lifeblood of our customers. “We want to make Milestone the best in the industry for what we sell, and training helps us achieve that,” he said. “We can sell you the product, and we can install it, but we want to do the knowledge transfer and ensure that you’re getting the most out of your product. These solutions aren’t inexpensive — we don’t want to just drop it off and hope that you’ll figure out how to use it. Our training programs expose students to the experience our engineers have gained in the field so that they can help their organizations get the most from their technology investments.”


866-646-9211

[email protected]


7

F5 Networks BIG-IP GTM ®

T

he BIG-IP Global Traffic Manager (GTM) course is designed for networking professionals to renew their understanding of DNS network systems and WAN, master pre-installation information gathering, and apply this information to the process of installing an F5 Networks GTM system. Utilizing both simulated installation activities and hands-on exercises, participants gain real-time experience setting up and configuring both primary and secondary GTM Systems, WAN systems, integrating multiple GTM Systems, and migrating DNS systems to a GTM. Students will gain knowledge of the essential GTM management interfaces that assist network managers. This course covers configuring, monitoring and testing GTM Systems and networks, as well as dynamic and static load balancing, and GTM report screens.

Topics Addressed: • Install and setup • DNS Overview • Configuring GTM Objects • Load Balancing for GTM • LDNS Probes • Monitors for GTM • Zonerunner and BIND • Logging and Notification • Advanced GTM Topics such as Topology, iRules and GTM Synchronization


• Common network terminology • TCP/IP addressing and routing • Internetworking concepts • Common elements of WAN and LAN environments • Data Center Server redundancy • PC operation and application skills, including operating a CD drive, keyboard, mouse and Windows OS • Web browser operation (Internet Explorer is used in this class)

Length of Class: 2 Days Time: 8:30 am to 4:30 pm Tuition: $1995 Live Instructor Format Options: (1) Classroom at a Milestone Training Facility (2) On-site at your facility (3) Virtual, instructor-led How to Register: - Call Toll-Free 866-646-9211 and ask for Training Dept - [email protected] - www.milestonesystems.com/training See www.milestonesystems.com/ training for the most current class schedules & locations.

Who Should Attend: • Installation engineers • IT professionals responsible for installing, configuring and troubleshooting the F5 Networks BIG-IP GTM product.

It will be helpful if participants are familiar with: • pico editor or vi editor • tcpdump program • nslookup & dig programs concepts


8

866-646-9211

[email protected]


®

How to Architect F5’s BIG-IP into an Application Delivery System

T

eaching network professionals how to architect and design F5 BIG-IP devices into an application delivery network. Building on the on the foundation of the BIG-IP LTM Essentials and Advanced courses (pp 3 & 4), this course demonstrates the next steps for implementing BIG-IP in a way that effectively delivers client applications. The labs for the course involve design exercises and group discussions. Based on the knowledge gained in other BIG-IP LTM courses, you will work with other students to build network designs that incorporate BIG-IP LTM to accomplish goals. The course covers many network design options, as well as best practices for example scenarios. The course explores other design options available using BIG-IP Global Traffic Manager, BIG-IP Link Controller, BIG-IP Application Security Manager, BIG-IP Message Security Module, and BIG-IP WebAccelerator. Who Should Attend This course is intended for experienced users of the BIG-IP LTM system including • System administrators • Network administrators • Network architects responsible for network design


Topics Include: • Implementing BIG-IP in the Network (Routing, SNATing, nPath [Direct Server Return] and Bridging) • Virtual Server and SNAT applications • Active/Standby best practices • Multi data center availability including BIG-IP GTM and Link Controller • BIG-IP LTM’s role in Security • BIG-IP as a default deny device • BIG-IP’s role in a security architecture • Optional software modules, ASM & MSM • Application Delivery • BIG-IP Application features • Latency’s effect on applications • Overcoming WAN impacts on applications • Optional software module, Web Accelerator Pre-Requisites: Participants must have have (A) passed the BIG-IP LTM Essentials certification test or successfully completed the BIG-IP LTM Essentials course (p 3), and (B) passed the BIG-IP LTM Advanced Topics certification test or successfully completed the BIG-IP LTM Advanced Topics course (p 4.) The student will also benefit from having several months experience configuring and designing with the

866-646-9211

Length of Class: 2 Days Time: 8:30 am to 4:30 pm Tuition: $2495 Live Instructor Format Options: (1) Classroom at a Milestone Training Facility (2) On-site at your facility (3) Virtual, instructor-led How to Register: - Call Toll-Free 866-646-9211 and ask for Training Dept - [email protected] - www.milestonesystems.com/training See www.milestonesystems.com/ training for the most current class schedules & locations.

BIG-IP LTM product before attending this course. By the end of this course, the student shall be able to design and architect BIG-IP LTM systems into network configurations that take into account applications being delivered to clients in a secure, fast and reliable way. To benefit from this class, the student should already understand • TCP/IP Addressing and Routing • Address Resolution Protocol • Direct and Indirect Routing • TCP Handshakes • Common elements of and differences between WAN and LAN components. • Network Application design concepts.

[email protected]


9

Developing iRules

T

he ability to customize your F5 configuration with the iRules control language is one of the best integral values of F5 appliances! iRules allows you to intercept, parse, modify, and route application traffic for your specific needs. iRules gives you direct control over the TMOS™ Universal Inspection Engine to augment or override the standard functions. This 3-day course teaches network professionals how to configure an F5 BIG-IP system with iRules. The course builds on the foundation of the BIG-IP LTM Essentials course (p 3), demonstrating how to logically plan and write iRules to help monitor and manage common tasks involved with processing traffic on the BIG-IP. Course Labs consist of writing, applying and evaluat-ing the effect of iRules on LTM traffic. A hands-on course, it includes lectures, labs, and discussions.

Who Should Attend: • System administrators • Network administrators • Application developers • IT professionals responsible for the configuration and administration of the F5 Networks BIG-IP LTM system. Pre-Requisites: The student must have successfully completed the F5 BIG-IP LTM Essentials course (p 3) The student will also benefit from several months experience configuring and designing with the BIG-IP LTM product. To benefit from this class, the student should already understand • Common network terminology • TCP/IP addressing and routing • Internetworking concepts • Common elements of WAN and LAN environments • Programming Basics (Tcl is a plus) • PC operation and application skills, including operating a CD drive, keyboard, mouse and Windows OS • Web browser operation (Internet Explorer is used in this class)

Length of Class: 3 Days Time: 8:30 am to 4:30 pm Tuition: $2995 Live Instructor Format Options: (1) Classroom at a Milestone Training Facility. (2) On-site at your facility (3) Virtual, instructor-led How to Register: - Call Toll-Free 866-646-9211 and ask for Training Dept - [email protected] - www.milestonesystems.com/training See www.milestonesystems.com/training for the most current class schedules & locations.

Topics Addressed • DevCentral (iRules Resource) • iRules Elements • Syntax and Troubleshooting • iRules Optimization • iRules and Security • Expressions and Operators • Variables and Loops • Data Classes • Persistence and Server Data


10

866-646-9211

[email protected]


Developing iApps for BIG-IP V11.2 ®

G

ives networking professionals a functional understanding of iApps Template development. The course builds on the foundation of the Configuring BIG-IP Local Traffic Manager (LTM) v11 course, demonstrating how to create iApps to configure BIG-IP systems. Course Labs consist of writing and troubleshooting iApps Templates, and deploying Application Services for a simple web application. This hands-on course includes lectures, labs, and discussions. Topics covered in this course include: • Overview of iApps templates and Application Services • Application Programming Language (APL) for Presentation • Tool Command Language (Tcl) for Implementation • Traffic Management Shell (tmsh) for Implementation • HTML subset for Help • Procedures and Definitions • Custom Libraries • F5 Default Libraries • Troubleshooting iApps • Modifying F5 iApps Templates • Lab Projects By course completion, the student should be able to develop iApps Templates to configure BIG-IP® LTM systems.

Audience This course is intended for system and network administrators responsible for installation, setup, configuration, and administration of BIG-IP LTM Systems. Prerequisites Students should understand: • Common Security and Network terminology • TCP/IP Addressing, Routing and Internetworking concepts • Security Authorization and Authentication concepts • Common elements of WAN and LAN environments • Basic Traffic Management Shell (tmsh) syntax • Basic Tool Command Language (Tcl) development

Length of Class: 1 Day Tuition: $995 Live Instructor Format Options: (1) Classroom at a Milestone Training Facility (2) On-site at your facility (3) Virtual, instructor-led How to Register: - Call Toll-Free 866-646-9211 and ask for Training Dept - [email protected] - www.milestonesystems.com/training See www.milestonesystems.com/ training for the most current class schedules & locations.

In addition, students should be proficient in: • Basic PC operation and application skills, including including MS Windows • Basic Web browser operation (Internet Explorer is used in class) • TCL and TMSH commands

“One of the best training classes I have attended EVER!” -- Anne E., commenting on an F5 BIG-IP class


866-646-9211

[email protected]


11

F5 Application Security Manager

H

ow to use F5’s Application Security Manager (ASM) to defend against Web-based application attacks. Course covers installation, configuration, management, security policies, implementation and methodologies of F5’s ASM in both stand-alone and module configuration. Class includes lectures, labs, demonstrations, and discussions. Topics Include: • HTTP and HTML Concepts • Common Vulnerabilities • Web Application Configuration • Security Policy Configuration • Traffic Forensics • Ongoing Policy Management • ASM Application Flow • Enhancing Standard Policies • APC & Policy Building Tools • ASM Learning • Advanced Policy Configuration Upon completing this course, a student should be able to install and understand application flow on an F5 ASM and configure security for a Web application based on the Standard and Enhanced Standard security model. Student will be able to monitor and administer an F5 ASM, as well as modify and configure advanced security policies using different methodologies.

To fully benefit from this class, the student should already understand • Common network terminology • TCP/IP addressing and routing • Web application terminology • Basic HTTP and HTML concepts • Basic Security concepts • PC operation and application skills, including operating a CD drive, keyboard, mouse and Windows OS • Web browser operation (Internet Explorer is used in this class)

Length of Class: 4 Days Time: 8:30 am to 4:30 pm Tuition: $3995 Live Instructor Format Options: (1) Classroom at a Milestone Training Facility. (2) On-site at your facility (3) Virtual, instructor-led How to Register: - Call Toll-Free 866-646-9211 and ask for Training Dept - [email protected] - www.milestonesystems.com/training See www.milestonesystems.com/training for the most current class schedules & locations.

W

hen a customer tells you “It doesn’t get any better

than this!” you have to believe you’re doing something right. Any technology company can sell you a F5, Juniper, or firewall, but Milestone Systems strives to ensure that your organization gains maximum value from that product.

Who Should Attend

• Network Adminstrators • Security Administrators • IT professionals responsible for the installation and day-to-day maintenance of an F5 ASM.


12

866-646-9211

[email protected]


F5 BIG-IP LTM ®

WebAccelerator

C

ourse covers the F5 WebAccelerator Module on TMOS and is intended to help network professionals improve the web site customer experience. With a focus on typical HTTP processes, the course explains how the WebAccelerator Module can take advantage of those processes to decrease response time while ensuring data accuracy and integrity. Via lectures and hands-on exercises, participants gain real-time experience setting up and configuring the necessary portions of F5’s LTM system as well as typical WebAccelerator Module settings. From the LTM framework, these settings include pools, profiles and virtual servers. Discussion and labs focus on the framework of the WebAccelerator Module, as well as editing standard policies to affect how the traffic is manipulated as it is processes by the system. Participants will see how the changes improve the user experience through tools such as HttpWatch.

Length of Class: 1 Day Time: 8:30 am to 4:30 pm Tuition: $995 Live Instructor Format Options: (1) Classroom at a Milestone Training Facility (2) On-site at your facility (3) Virtual, instructor-led


• Common Network terminology • TCP/IP Addressing and Routing • HTTP Standards • Basic PC operation and application skills, including operating a CD drive, keyboard, mouse and Windows OS • Basic Web browser operation (Internet Explorer is used in this class)

It will be helpful if participants are familiar with: • pico editor or vi editor • tcpdump program

How to Register: - Call Toll-Free 866-646-9211 and ask for Training Dept - [email protected] - www.milestonesystems.com/training See www.milestonesystems.com/ training for the most current class schedules & locations.

“First time I have had instructor that had this much real-world knowledge. Both instructors talked at great length about experiences with existing customers. I rate this class “6” on a scale of 1 to 5! ” -- L.C., Network Administrator, Aerospace Company

Who Should Attend

• Installation engineers • IT professionals responsible for initial installation and configuration of the F5 LTM WebAccelerator Module


866-646-9211

[email protected]


13

®

Configuring BIG-IP Advanced Firewall Manager (AFM) - v11

P

rovides security and network professionals with a functional understanding of the BIG-IP Advanced Firewall Manager (AFM). The course includes installation, configuration, management and troubleshooting on a BIG-IP AFM. Lectures, demonstrations, hands-on labs and discussions will be incorporated. Topics covered in this course include: • Installation and setup of the BIG-IP AFM System • Network firewall concepts • Configuring BIG-IP AFM for DoS protection • Event Logs and Reports • Basic BIG-IP AFM troubleshooting • BIG-IP AFM Administration tools • Lab Projects By course completion, the student should be able to perform an initial configuration of the BIG-IP AFM. The student should be able to monitor, administer, and perform basic configuration and troubleshooting tasks on traffic processed by the BIG-IP AFM System. Students will have an understanding of how the main two


14

facilities of Firewall Rules and DoS (Denial of Service) are configured to build a Firewall and detect and protect against DoS attack. They will also gain hands-on experience using the AFM Reporting and Logging facilities in relation to the Firewall rules which can be used for troubleshooting and determining types of traffic allowed or denied by the firewall. Audience Students should be familiar with the F5 product range and, in particular, how to setup and configure a BIG-IP LTM system, covering the standard F5 concepts of Virtual Servers, Pools, Self IPs and VLANs. Students should have previously attended the following F5 BIG-IP Version 11.x public training courses: • Administering BIG-IP – v11 • Configuring BIG-IP Local Traffic Manager (LTM) - v11 • BIG-IP Application Security Manager (ASM) – v11 • BIG-IP Access Policy Manager (APM) – v11 • BIG-IP Global Traffic Manager (GTM) – v11

866-646-9211


Students should understand: • Common Security and Network terminology • TCP/IP Addressing, Routing and Internetworking concepts • DNS Methodology In addition, students should be proficient in: • Basic PC operation and application skills, including MS Windows • Basic Web browser operation (Internet Explorer is used in class)

[email protected]


F5 BIG-IP Edge Gateway

WAN Optimization Module

F

or F5 users running the WAN Optimization Module on TMOS, this half-day course is designed to help network professionals improve the performance of WAN connections between Data Centers or between Central and Remote Offices. Via lectures, discussion and handson lab exercises, participants gain real-time experience setting up and configuring the necessary portions of the LTM system as well as typical WAN Optimization Module settings. Students learn how to edit the Quick Start template, as well as how to use optimization policies to affect how the traffic is optimized as it is processed by the system.

Who Should Attend • Installation engineers • IT professional responsible for initial installation and configuration of the F5 WAN Optimization Module To fully benefit from this class, the student should already understand • Common network terminology • TCP/IP addressing and routing • PC operation and application skills, including operating a CD drive, keyboard, mouse and Windows OS • Web browser operation (Internet Explorer is used in this class)

Length of Class: ½ Day Time: 8:30 am to 4:30 pm Tuition: $595 Live Instructor Format Options: (1) Classroom at a Milestone Training Facility (2) On-site at your facility (3) Virtual, instructor-led How to Register: - Call Toll-Free 866-646-9211 and ask for Training Dept - [email protected] - www.milestonesystems.com/training See www.milestonesystems.com/ training for the most current class schedules & locations.

Topics Addressed: • Installation, Licensing, Provisioning • Compression Basics • Application Optimization • Symmetric Adaptive Compression • Symmetric Data Deduplication


866-646-9211

[email protected]


15

Access Policy Manager F5 BIG-IP Edge Gateway

P

Who Should Attend • System administrators • Network administrators • IT professionals responsible for installation, setup, configuration, and administration of the BIG-IP APM System.

rovides security and network professionals with a functional understanding of the F5 Networks BIG-IP Access Policy Manager (APM.) The course includes installation, configuration, management and troubleshooting on an F5 BIG-IP APM. Taught via lectures, labs, and discussions with our field-experienced engineer-instructor.

To fully benefit from this class, the student should already understand • Common network terminology • TCP/IP addressing and routing • Web application terminology • Security Authorization and Authentication concepts • Common elements of WAN and LAN environment • PC operation and application skills, including operating a CD drive, keyboard, mouse and Windows OS • Web browser operation (Internet Explorer is used in this class)

Topics covered: • Installation and setup of the BIG-IP APM System • Building Access Policies using the Visual Policy Editor • Web Application Access to both http and https Web Applications • Network Access using an SSL VPN tunnel • Security Access, including Authentication, client side checks and Authorization • Building advanced policy checks using variables and iRules • BIG-IP APM Administration tools • Lab Projects

Length of Class: 2 ½ Days Time: 8:30 am to 4:30 pm Tuition: $2495 Live Instructor Format Options: (1) Classroom at a Milestone Training Facility (2) On-site at your facility (3) Virtual, instructor-led How to Register: - Call Toll-Free 866-646-9211 and ask for Training Dept - [email protected] - www.milestonesystems.com/training See www.milestonesystems.com/ training for the most current class schedules & locations.

By the end of the course, the student should be able to perform an initial configuration of the BIG-IP APM and Access Policies using the Visual Policy Editor Graphical User Interface. The student should be able to monitor, administer, and perform basic troubleshooting tasks on traffic processed by the BIG-IP APM System.

If you don’t see the course or topic you need, contact us and we’ll find it for you. [email protected]


16

866-646-9211

[email protected]


Administering BIG-IP – V11 ®

P

rovides network administrators, network operators, and network engineers with a functional understanding of the BIG-IP® v11.2 system as it is commonly deployed in an application delivery network. The course introduces students to the BIG-IP system, its configuration objects, how it processes traffic, and how typical administrative and operational activities are performed. The course includes lecture, hands-on labs, interactive demonstrations, and discussions. Topics covered in this course include: • Getting Started with the BIG-IP System • Traffic Processing with LTM • Secure Network Address Translation (SNATs) • Traffic Management Shell (TMSH) and Managing the BIG-IP System • Monitors, Network Map, and Configuration State • Profile Concepts • Session Persistence • iApps Concepts • Basic BIG-IP Troubleshooting • BIG-IP Administration • Overview of Other BIG-IP Products (GTM, ASM, APM) • Enterprise Manager (EM) • High Availability Concepts • iRules

At the end of this course, the student should be able to: • Start/restart, license, and provision the BIG-IP system; •Use the Configuration utility and TMOS Shell (tmsh) to manage BIG-IP resources such as virtual servers, pools, pool members, nodes, profiles, and monitors; • Create, restore from, and manage BIG-IP archives; • View resource status, availability, and statistical information and use this information to determine how the BIGIP system is currently processing traffic • Perform basic troubleshooting and problem determination activities including using the iHealth diagnostic tool, researching known issues and solutions on AskF5, submitting a problem ticket to F5 Technical Support, and viewing traffic flow using tcpdump; • Understand and manage user roles and partitions; • Operate two or more BIG-IPs as part of an N+1 high-availability configuration; • Use an iApp to deploy an application service; • Describe the role of Enterprise Manager in BIG-IP system administration and operation • Describe how traffic flows through LTM, GTM, ASM, and APM • Describe the role if iRules in affecting traffic behavior

Length of Class: 2 Days Tuition: $1995 Live Instructor Format Options: (1) Classroom at a Milestone Training Facility (2) On-site at your facility (3) Virtual, instructor-led How to Register: - Call Toll-Free 866-646-9211 and ask for Training Dept - [email protected] - www.milestonesystems.com/training

Audience This course is intended for network administrators, operators, and engineers responsible for managing the normal day-to-day operation of a BIG-IP application delivery network. This course presents the prerequisite knowledge for many other of F5’s BIGIP instructor-led training courses. Prerequisites Students should understand TCP/IP Addressing and Routing, including: • the Address Resolution Protocol • Direct and Indirect Routing • TCP Handshakes • Common elements of and differences between WAN and LAN components

“This was one of the best classes I’ve ever taken.

Material was very good and to the point. The instructor was extremely knowledgeable and had lots of real world experiences to help us understand the importance of the topics. I was very pleased with the class.” --Randy K, after an F5 BIG-IP class


866-646-9211

[email protected]


17

Configuring BIG-IP LTM v11 ®

T

Prerequisites

his three-day course gives networking professionals a functional understanding of the BIG-IP LTM v11 system as it is commonly used, as well as an in-depth understanding of advanced features. The course covers installation, configuration, and management of BIG-IP LTM systems. This hands-on course includes lectures, labs, and discussions.

Students must complete one of the following: • Administering BIG-IP V11 Instructorled course (p 17) • BIG-IP Local Traffic Manager (LTM) Essentials course (p 3) • Achieve F5 Certified BIG-IP Administrator certification

Topics covered in this course include: • Installation and Licensing • Load Balancing • Persistence • Monitors • Profiles • iApps • Highly Availability • Non Load Balancing Virtual Servers • NATs and SNATs • Selected topics such as IPv6 and Route Domains • iRules By the end of this course, the student should be able to setup an initial configuration and build many common and advanced configurations of BIG-IP LTM systems using either the Graphical User Interface or Command Line utilities. In addition, the student should be able to monitor and manage common tasks concerning traffic processed by a BIG-IP LTM system.

Students should understand: • TCP/IP Addressing and Routing including: o The Address Resolution Protocol o Direct and Indirect Routing o TCP Handshakes • Command Line Configuration • Common elements of and differences between WAN and LAN components • Fundamental programming concepts

Length of Class: 3 Days Tuition: $2995 Live Instructor Format Options: (1) Classroom at a Milestone Training Facility (2) On-site at your facility (3) Virtual, instructor-led How to Register: - Call Toll-Free 866-646-9211 and ask for Training Dept - [email protected] - www.milestonesystems.com/training See www.milestonesystems.com/ training for the most current class schedules & locations.

In addition, students should be proficient in: • The Linux File System • pico editor or vi editor • The tcpdump program

Note: This three-day course replaces the previous four-day version. Several topics from the four-day course have been moved to the prerequisite Administering BIG-IP V11 Instructor-led course.

Audience This course is intended for system and network administrators responsible for installation, setup, configuration, and administration of the BIG-IP LTM system.


18

866-646-9211

[email protected]


Configuring BIG-IP VIPRION v11 ®

T

his one day course provides network professionals with a functional understanding of the BIG-IP® VIPRION chassis platform. This course includes an overview of chassis platforms, hardware options, configuration of Clustered Multi-Processing (CMP) and virtual CMP (vCMP) deployment options. Instruction is delivered vai lectures, demonstrations, hands-on labs and discussions. Topics covered in this class include: • VIPRION chassis and blade hardware options overview • Installation, license and setup of the BIG-IP® VIPRION System • Configuring Clustered MultiProcessing (CMP) • Configuring virtual CMP (vCMP) host and guests • Inter and Intra High-Availability • Lab Projects By course completion, the student should be able to identify various VIPRION chassis and hardware options, perform an initial configuration of the BIG-IP® VIPRION for both CMP and vCMP configurations options, and configure host and guests. Additionally, the student should be able to monitor, administer, and perform basic troubleshooting tasks on traffic processed by the BIG-IP® VIPRION System.


Audience This course is intended for system and network administrators responsible for installation, setup, configuration, and administration of the BIG-IP VIPRION System. Prerequisites Prior to attending Configuring BIG-IP on VIPRION, the student must have attended one of the following courses or passed the following exam: • Administering BIG-IP v11 (p 17) • Configuring BIG-IP LTM v11 (p 18) • Changes in BIG-IP LTM v11 (p 5) • TMOS Administrator Certification Exam


The student can also benefit from attending Configuring BIG-IP LTM and several months experience configuring the BIG-IP LTM product before attending this course. Students should also understand: • Common Security and Network terminology • TCP/IP Addressing, Routing and Internetworking concepts • Security Authorization and Authentication concepts • Common elements of WAN and LAN environments

866-646-9211

[email protected]


19

Configuring & Administering ARX V6 1.1

H

Length of Class: 3 Days Tuition: $2995

elps students learn about the configuration, administration and basic troubleshooting of the ARX series. Students will learn to design the virtualization layer for both CIFS and NFS environments and configure Policy to maximize data management and resource allocation.

Live Instructor Format Options: (1) Classroom at a Milestone Training Facility (2) On-site at your facility (3) Virtual, instructor-led

Topics covered in this class include: • Use of the ARX Manager (GUI) and command-line interface (CLI) • ARX installation and network configuration • Namespace and Managed Volume setup • Share import and Virtual Service presentation • Policy creation for migration, tiering, and snapshots • Utilizing Data Manager (DM) • Environment planning and inventory • Single file storage device cut-in • File Tracking, Redundant Pair, and Disaster Recovery features • Identify F5 Support resources and ARX training options Audience This course is intended for anyone who virtualizes file storage or is responsible for installing ARX on the network.


20

Prerequisites Students should understand: • A basic understanding of file storage and server administration (RedHat / Windows /Network Appliance) • An understanding of NFS and CIFS protocols at a high level. (A free webbased WBT “CIFS/NFS Foundations for ARX” is available on F5 University) • The ability to mount NFS reports and CIFS shares on a client • A familiarity with Microsoft Management Console

How to Register: - Call Toll-Free 866-646-9211 and ask for Training Dept - [email protected] - www.milestonesystems.com/training See www.milestonesystems.com/ training for the most current class schedules & locations.

In addition, students should be proficient in: • Basic PC operation and application skills, including operating a keyboard, mouse, Linux and Windows OS • Basic Web browser operation (Internet Explorer or Mozilla Firefox are required for class) • A working knowledge of networking (CompTia Network+ or equivalent hands-on networking experience)

866-646-9211

[email protected]


Troubleshooting and Monitoring ARX V6 1.1

T

his two-day course provides students with a solid understanding of monitoring and troubleshooting techniques for the ARX product family using the CLI and ARX Manager (GUI). Students will learn to upgrade, monitor and troubleshoot namespaces, policies and authentication in CIFS, NFS or multiprotocol environments with an emphasis on both problem determination and avoidance. Students will also learn how to collect diagnostic information and packet captures that will be useful when escalating issues to the F5 Support team. Topics covered in this course include: • Implementing a logical troubleshooting methodology • Configuring ARX monitoring options for ARX Manager and CLI • Identifying problems through ARX Manager, CLI, tools and logs • Using F5 resources to isolate problems and take corrective measures • Correcting configuration issues for clients, file servers and the ARX


• Implementing preventive measures through proper monitoring, prevention and disaster recovery planning. Audience This class is intended for file system administrators who will be responsible for installation, configuration, monitoring, maintenance, and troubleshooting the ARX. Prerequisites Students must have attended the Configuring and Administering ARX course (p 20) and have a working knowledge and experience configuring ARX. Students should understand: • DMOS operation in ARX Manager (GUI) and the command-line interface (CLI) • The functions of the Data Manager (DM) application • Configuration of Managed Volumes, Namespaces, Global Servers, and File Servers as used by the ARX system • ARX policy configuration and implementation

866-646-9211


In addition, students should be proficient in: • Basic PC operation and application skills, including operating a keyboard, mouse, Linux and Windows OS • Basic Web browser operation (Internet Explorer and Mozilla Firefox are used in class) • A working knowledge of networking (CompTia Network+ or equivalent hands-on networking experience)

[email protected]


21

FirePass - V6 ®

T

his three-day course provides security and network professionals with a functional understanding of F5’s FirePass® Controller. The course includes installation, configuration, management and troubleshooting on a FirePass system. Lectures, demonstrations, hands-on labs and discussions will be incorporated. Topics include explanations and configuration of: • Installation and set up of the FirePass server • Network Access Using the SSL VPN • Security Access, Authentication and Authorization • Portal Access to Web Sites, Network File Shares and e-Mail • Application Access (Telnet to Unix and Mainframe Hosts and Terminal Services) • Server and Client SSL Certificates setup • End-point security and client policy checking • Failover and Clustering • Administration and Lab Projects

Audience This course is intended for security and network administrators responsible for install, setup, configuration, and administration of the FirePass Controller. Prerequisites Before taking this class, participants should understand: • Common Security and Network terminology • TCP/IP Addressing, Routing and Internetworking concepts • Security Authorization and Authentication concepts • Common elements of WAN and LAN environments


In addition, participants should be proficient with: • Basic PC operation and application skills, including operating a CD drive, keyboard, mouse and Windows OS • Basic Web Browser operation (Internet Explorer is used in class)

By course completion, the student should be able to perform an initial configuration of the FirePass Controller and build many common configurations on the FirePass system using the Graphical User Interface (browser based). Additionally, the student should be able to monitor, administer, and perform basic troubleshooting tasks on traffic processed by the FirePass Controller


22

866-646-9211

[email protected]


Configuring Enterprise Manager - V3

T

his one-day course provides networking professionals an overview of Enterprise Manager™, the device management solution that makes it easier for network administrators to view, operate, manage, and administer multiple F5 devices. This hands-on course includes lectures, labs, and discussions, and takes students from initial setup and configuration to operating and optimizing an application delivery infrastructure using Enterprise Manager. Audience This course is intended for network administrators and operators responsible for managing and optimizing networks with multiple F5 devices.

Topics covered in this class include: • Getting Started with Enterprise Manager • Navigating the Graphical User Interface (GUI) • Using BIG-IP® iHealth™ to verify and improve system performance • Simplifying device inventory • Performing remote software upgrades • Configuring centralized, automated reporting • Using Centralized Analytics to analyze performance of web applications • Collecting statistics about device performance • Tracking certificate expiration • Automating centralized backups and archiving • Speeding and simplifying device configuration By course completion, the student should be able to set up and use Enterprise Manager to make device management significantly faster and easier.


Prerequisites Students should understand: • TCP/IP addressing, routing, and internetworking concepts • Common elements of WAN and LAN environments • Essentials of BIG-IP device administration In addition, students should be proficient in: • Basic computer operation and application skills, including Windows • Basic Web browser operation


866-646-9211

[email protected]


23

Firewall Essentials (PAN-EDU-201)

S

tudents participating in this introductory-level class will (1) gain an in-depth knowledge of how to install, configure, and manage their Palo Alto Networks next-gen firewalls (platforms PA-500 through PA-5000 series), as well as (2) learn configuration steps for the security, networking, treat prevention, logging, and reporting features of the Palo Alto Networks Operation Systems (PANOS.)

Who Should Attend • Security Engineers • Network Engineers • Support Staff To fully benefit from this class, the student should already have:

• Basic familiarity with networking concepts including routing, switching, IP addressing. • Basic familiarity with port-based security concepts. • Experience with other security technologies (IPS, proxy, and content filtering) will be helpful. Topics Addressed: Administration:

• GUI & CLI • Configuration management • Role-based Administration

Layer 3 Concepts

• • • • •

Layer 3 interface DHCP configuration Virtual router creation Source NAT policy PDF Policy

Length of Class: 3 Days Time: 8:30 am to 4:30 pm Tuition: $2995 We accept Learning Credits from Palo Alto Networks

Application-ID

Live Instructor Format Options: (1) Classroom at a Milestone Training Facility (2) On-site at your facility (3) Virtual, instructor-led

Content-ID

How to Register: - Call Toll-Free 866-646-9211 - [email protected] - www.milestonesystems.com/training

• • • •

App-ID Security policy Groups & filters Custom App-ID

• URL filtering profile • Antivirus & antispyware • Security profile groups User-ID

• Users & groups • Captive portal • Agents

See www.milestonesystems.com/ training for the most current class schedules & locations.

Decryption Certificates

• SSL policy • Decryption policy

Logging and Reporting

• Application Command Center • Logs & reports IPsec and SSL VPN Extended Concepts

Interface Configuration:

• Vwire interfaces • Tap interfaces • Security Zones


24

866-646-9211

[email protected]


Extended Firewall Management

(PAN-EDU-205)

E

xtended Firewall Management expands on 201 course topics, while introducing more features and functions of Palo Alto Networks Next Generation Firewalls. Successful completion of this 3-day, instructor-led course will enhance the student’s understanding of how to install, configure, manage, and troubleshoot on the entire line of Palo Alto Networks Next- Generation Firewalls (platforms PA-500 through PA-5000 series.) Additionally, students will be instructed on implementing and managing GlobalProtect, Panorama, and Active/Active High Availability. Students will learn how to optimize their visibility and control over applications, users and content via Palo Alto Networks firewalls.

Who Should Attend • Security Engineers • Network Engineers • Support Staff To fully benefit from this class, the student should already have:

• Successfully completed Firewall Essentials (PAN-EDU-201, p 24) or have equivalent experience • Basic familiarity with networking concepts including routing, switching, IP addressing, and basic port-based security concepts. Topics Include: Administration

• Service Route Configuration • Virtual Systems • Log Forwarding

Length of Class: 3 Days Time: 8:30 am to 4:30 pm Tuition: $2995 We accept Learning Credits from Palo Alto Networks Live Instructor Format Options: (1) Classroom at a Milestone Training Facility in the USA. Limited to 12 students. (2) On-site at your facility (3) Virtual, instructor-led How to Register: - Call Toll-Free 866-646-9211 - [email protected] - www.milestonesystems.com/training See www.milestonesystems.com/training for the most current class schedules & locations.

Interface Configuration

• VLAN’s and QoS

Content-ID

Layer 3 Concepts

• NAT, OSPF and DNS Proxy

• Custom Threat ID • Data Filtering • DLP, Botnet, Dos

Application-ID

User-ID

• Custom Application Signatures • Application Filters and Groups

• LDAP and Custom API High Availability

• Active/Active GlobalProtect

• GlobalProtect concepts and configuration Panorama

• • • •


866-646-9211

Panorama shared Policy Device Groups Access Control Reporting

[email protected]


25

Panorama Essentials (PAN-EDU-221)

T

he two-day instructor led course will enable the network professionals to configure and manage the Palo Alto Networks Panorama Management Server. Students attending this course will gain an in-depth knowledge of how to configure and manage their Palo Alto Networks Panorama Management Server. Upon completion of this course, administrators will understand the Panorama server’s role in managing and securing their overall network. Network professionals will learn to depend on Panorama’s aggregated reporting which will provide them with a holistic view of a network of Palo Alto Networks next-generation firewalls. Scope • Course level: Foundational product configuration and management • Course duration: 2 Days • Course format: Combines lecture with hands-on labs • Platform support: Platform support: Panorama running on VM or M-100 appliance managing PA-200 through PA-5000 series Target Audience • Security Engineers • Network Engineers • Support staff

Prerequisites Students must have a basic familiarity with networking concepts including routing, switching, and IP addressing. Students should also be familiar with basic port-based security concepts. Experience with other security technologies (IPS, proxy, and content filtering) is a plus. Course Online DAY 1 Module 0 – Introduction & Overview Module 1– Architecture Overview • Panorama Solution • Functional Overview • Architecture Design Module 2 – Setup and Administration • Installation • Design and Planning • Administrative Roles • Access Control • Commit Options Module 3 – Device Groups • Device Groups • Policies • Objects • Device Group Commits Module 4 – Templates • Template Overview • Configure Templates • Commits • Overrides

Length of Class: 2 Days Tuition: $1995 We accept Learning Credits from Palo Alto Networks Live Instructor Format Options: (1) Classroom at a Milestone Training Facility in the USA. Limited to 12 students. (2) On-site at your facility (3) Virtual, instructor-led How to Register: - Call Toll-Free 866-646-9211 - [email protected] - www.milestonesystems.com/training

DAY 2 Module 5 – Administration • Logging • Reporting • Managing Devices Module 6 – Distributive Log Collection • Log Collector • Collector Groups • Distributed Data Collection • Installation and Configuration Module 7 – Best Practices • High Availability • Export Configuration • Tips and Tricks • Best Practices

“I wanted to reach out and thank you for your help with our Palo Alto Networks project. The two training courses I attended at Milestone were both excellent and comprehensive... and, after those, the cutover to Palo should be pretty straight forward. Thank you.” -- Ty, Firewall Specialist at a Medical Manufacturer


26

866-646-9211

[email protected]


Advanced Firewall Troubleshooting (PAN-EDU-311)

T

his is the next level course after Palo Alto Networks Essentials 201 and Extended 205, expanding on relevant topics with troubleshooting labs and covering the entire Palo Alto Networks firewall product line, models PA-200 through PA-5000. Students will get instructor-led handson experience troubleshooting the security, networking, threat prevention, logging, and reporting features of the Palo Alto Networks Operation System (PANOS.)

Who Should Attend • Security Engineers • Network Engineers • Support Staff

Topics Addressed: • Online Tools • Troubleshooting with GUI • Troubleshooting with CLI • Troubleshooting with Logs • Troubleshooting with PCAPs • Troubleshooting with Debug • Extended Content Break and Fix Labs: • Scenario 1 - Basic Connectivity • Scenario 2 - OSPF • Scenario 3 - VPN • Scenario 4 - NAT • Scenario 1 - SSL Decryption • Scenario 2 - User-ID • Scenario 3 - GlobalProtect • Scenario 4 - High Availability

Length of Class: 3 Days Time: 8:30 am to 4:30 pm Tuition: $2995 We accept Learning Credits from Palo Alto Networks Live Instructor Format Options: (1) Classroom at a Milestone Training Facility (2) On-site at your facility (3) Virtual, instructor-led How to Register: - Call Toll-Free 866-646-9211 - [email protected] - www.milestonesystems.com/training See www.milestonesystems.com/ training for the most current class schedules & locations.

To fully benefit from this class, the student should already have: • Successfully completed Firewall Essentials 201 (p 24) and Firewall Extended (p 25); or have equivalent experience. • Basic familiarity with networking concepts including routing, switching, IP addressing, basic port-based security concepts, and the PANOS CLI.


866-646-9211

[email protected]


27

Certified WAN Acceleration Administrator (BCWAA)

B

Topics Include:

lue Coat Certified WAN Acceleration Administrator course is intended for IT professionals who wish to master the WAN optimization fundamentals of the Blue Coat ProxySG network appliance. To become a Blue Coat Certified ProxySG Administrator, the student will (a) successfully complete this course, and (b) pass Prometric’s online exam. This course covers: • Basic concepts of WAN optimization • How to deploy and license the ProxySG • How to monitor ProxySG traffic • Concepts of bandwidth management • How WAN optimization works and is configured on ProxyClient

Who Should Attend

IT network professionals who: • Wish to master the fundamentals of Blue Coat products (with a focus on WAN Optimization technology), • Have not taken any previous Blue Coat training courses, and • Want to use new ProxySG features enabling application acceleration.

• • • • • • • • • • • • •

Blue Coat Family of Products Blue Coat Product Licensing ProxySG Initial Setup Blue Coat Sky WAN Optimization Features Application Delivery Network Configuring ADN Roles Monitoring Traffic Byte Caching Optimizing CIFS MAPI Over ADN Bandwidth Management Proxy Client Acceleration

Class Combo Bundle: Milestone Systems typically schedules these two classes (Admin & Professional) in the same week for your convenience. See specific dates and locations at www. milestonesystems.com/training, or call toll free: 866-646-9211

Length of Class: 1 Day Level: Intermediate Tuition: $1,000 Take this to go on to: WAN Accelerator Professional Live Instructor Format Options: (1) Classroom at a Milestone Training Facility (2) On-site at your facility (3) Virtual, instructor-led How to Register: - Call Toll-Free 866-646-9211 - [email protected] - www.milestonesystems.com/training See www.milestonesystems.com/ training for the most current class schedules & locations.

To fully benefit from this class, the student should already have: • Familiarity with basic networking concepts, such as local-area networks (LAN), the Internet, security, and IP protocols. • Knowledge of application delivery network and security • Practical experience with the ProxySG in the field.


28

866-646-9211

[email protected]


Certified WAN Acceleration Professional (BCWAP)

T

his Blue Coat Certified WAN Acceleration Professional course is intended for IT network professionals who wish to master the advanced WAN optimization features of application acceler-ation that are available with the Blue Coat ProxySG. To become a Blue Coat Certified WAN Acceleration Professional, the student will (a) successfully complete this course, and (b) pass Prometric’s online exam.

Objectives After completing this course, you will be able to understand: • Basic concepts of WAN optimization • How to deploy and license the ProxySG • How to monitor the ProxySG traffic • Concepts of bandwidth management • How WAN optimization works and is configured on ProxyClient

Who Should Attend IT network professionals who have practical experience with Blue Coat ProxySG and wish to master and deploy advanced WAN optimization capabilities.


Prerequisite Basic networking concepts, such as LANs, the Internet, security and IP protocols such as TCP/IP fundamentals, WCCP, HTTP, CIFS and MAPI. Students should have advanced knowledge of application delivery network and security, as well as practical experience with the ProxySG in the field.

Length of Class: 2 Days Level: Advanced Time: 8:30 am to 4:30 pm Tuition: $2,000 Live Instructor Format Options: (1) Classroom at a Milestone Training Facility (2) On-site at your facility (3) Virtual, instructor-led

To fully benefit from this class, the student should already have: • Knowledge of application delivery network and security.


Topics Include:


• • • • • • • • • • • • •

WAN Optimization WAN Accelaration Deployments Blue Coat Sky WCCP Setup Services Monitering Traffic Configure ADN Roles Optimizing CIFS MAPI over ADN Accelerating Web Traffic Streaming Media Acceleration Bandwidth Management ProxySG Troubleshooting

866-646-9211

[email protected]


29

Certified ProxySG Administrator (BCCPA)

O

ur Blue Coat Certified ProxySG Administrator (BCCPA) course is intended for IT professionals who desire to master the fundamentals of the Blue Coat ProxySG. To become a Blue Coat Certified ProxySG Administrator, the student will (a) successfully complete this course, and (b) pass Prometric’s online exam. Objectives After taking this course, you will be able to: • Describe the major Secure Web Gateway functions of the ProxySG • Describe the role of the ProxySG as it relates to other Blue Coat products as part of a complete security solution • Configure a ProxySG and place it into live service • Administer the major Secure Web Gateway functions of the ProxySG • Perform basic troubleshooting of the ProxySG and decide when it is appropriate to open a service request

Intended Audience

IT network or security profes-sionals who wish to master the fundamentals of Blue Coat products with a focus on network security. As we as professionals who have not taken any previous Blue Coat training courses.

Topics Include:

• Introduction to ProxySG • ProxySG Security Deployments • ProxySG Initial Security Configurations • ProxySG Management Console • ProxySG Security Licensing • Proxy Services • Hypertext Transfer Protocol • Intro to Visual Policy Manager • Content Filtering and WebPulse • Authentication using LDAP • Authenticating users on ProxySG • Authentication Realms • Authentication with Transparent Proxy • Exceptions and Notifications • Access Logging • Managing SSL Traffic • Basic Troubleshooting

Length of Class: 2 Days Time: 8:30 am to 4:30 pm Tuition: $2000 Take this to go on to: ProxySG Pro (p 23) Live Instructor Format Options: (1) Classroom at a Milestone Training Facility (2) On-site at your facility (3) Virtual, instructor-led How to Register: - Call Toll-Free 866-646-9211 - [email protected] - www.milestonesystems.com/training See www.milestonesystems.com/ training for the most current class schedules & locations.

Class Combo Bundle: Milestone Systems typically schedules these two classes (Admin & Professional) for the same week for your convenience. See specific dates and locations at www. milestonesystems.com/training, or call toll free: 866-646-9211

To fully benefit from this class, the student should already have: Familiarity with networking essentials, such as LAN, Internet, security, and IP protocols. Basic knowledge of authentication methods willl be helpful.


30

866-646-9211

[email protected]


Certified ProxySG Professional (BCCPP)

D

esigned to help IT professionals master the advanced features of Blue Coat’s ProxySG network appliance. To become a Blue Coat Certified ProxySG Professional, the student will (a) successfully complete this course, and (b) pass Prometric’s online exam. Objectives • Describe the architecture of the ProxySG • Write code in Content Policy Language to configure ProxySG policy processing • Implement and troubleshoot advanced authentication realms deployments • Manage downloads and Flash traffic • Implement advanced SSL proxy functionality • Monitor and analyze ProxySG performance • Integrate the ProxySG with other Blue Coat security products

Intended Audience

IT network or security professionals who have practical experience with the ProxySG in the field and wish to master the advanced network security capabilities of Blue Coat products.

Topics Covered:

• SGOS Architecture • Caching Architecture • Introduction to CPL • Basic CPL • HTTP Details • Intermediate CPL • Policy Tracing • CPL Best Practices • Advanced Authentication Concepts • Guest Authentication and Error Handling • Authentication with BCAAA • Kerberos Authentication • Authentication Troubleshooting • Forwarding • SSL Advanced Topics • ProxySG Performance Monitering • ProxySG Integration

Length of Class: 3 Days Tuition: $3000 Live Instructor Format Options: (1) Classroom at a Milestone Training Facility (2) On-site at your facility (3) Virtual, instructor-led How to Register: - Call Toll-Free 866-646-9211 - [email protected] - www.milestonesystems.com/training See www.milestonesystems.com/ training for the most current class schedules & locations.

Prerequisites:

• Blue Coat Certified ProxySG Administrator (BCCPA) certification,or waiver exam. • Practical experience with the ProxySG in the field. • Knowledge of networking, security, and authentication.



866-646-9211

[email protected]


31

Introduction to JUNOS Operating System (IJOS)

I

n this info-packed one-day introductory course, you’ll get the foundational knowledge required to work with Juniper’s OS (JUNOS) and to configure devices running JUNOS. It is a key component in obtaining the JNCIA-JUNOS certification level.

Objectives After successfully completing this course, you should be able to:

• Describe the basic design architecture of JUNOS • Identify and provide a brief overview of devices running JUNOS • Navigate within the JUNOS CLI • Perform tasks within the CLI operational and configuration modes • Restore a device running Junos OS to its factory-default state; • Perform initial configuration tasks • Configure and monitor network interfaces

• Describe user configuration and authentication options • Perform secondary configuration tasks for features and services such as syslog and tracing, Network Time Protocol (NTP), configuration archival, and SNMP • Monitor basic operation for JUNOS and devices • Identify and use network utilities; • Upgrade the JUNOS • Perform file system maintenance and password recovery on a device running JUNOS

Length of Class: 1 Day Level: Introductory Tuition: $700

Who Should Attend


IT professional responsible for configuring and monitoring devices running JUNOS.

Live Instructor Format Options: (1) Classroom at a Milestone Training Facility (2) On-site at your facility (3) Virtual, instructor-led How to Register: - Call Toll-Free 866-646-9211 - [email protected] - www.milestonesystems.com/training

To fully benefit from this class, the student should already have:

• Basic networking knowledge • Understanding of the OSI model and the TCP/IP protocol suite.

What Is JUNOS? The Junos Platform is an open software platform for developing and running network applications. Multiple components give developers unmatched flexibility to create dynamic applications that interact with the network from the client to the cloud. A layered platform, JUNOS runs the network and enables applications to interact with the network from the client to cloud. Service providers and enterprises can now look beyond building networks made up of individual, disparate boxes toward a unified system for designing and deploying new services in software. By migrating to the Junos Platform, you can reduce the complexity of the network to deploy new services faster with a lower cost of operations. Components of the JUNOS Platform include: (1) Junos Operating System (2) Junos Space network application platform (3) Junos Pulse integrated network client


32

866-646-9211

[email protected]


JUNOS Routing Essentials (JRE)

A

s a key component in obtaining the JNCIA-JUNOS certification level, JUNOS Routing Essentials provides foundational knowledge of routing,configuration examples of general routing, routing policy and firewall filters, in a 1-day format.

Objectives After successfully completing this course, you should be able to: • Explain basic routing operations and concepts; • View and describe routing and forwarding tables; • Configure and monitor static routing; • Configure and monitor OSPF; • Describe the framework for routing policy and firewall filters; • Explain the evaluation of routing policy and firewall filters; • Identify instances where you might use routing policy; • Write and apply a routing policy; • Identify instances where you might use firewall filters; • Write and apply a firewall filter; • Describe the operation and configuration for unicast reverse path forwarding (RPF); • Explain the purpose and benefits of class of service (CoS); • List and explain the various components of CoS; and • Implement and verify proper operation of CoS.


Who Should Attend This course benefits individuals responsible for configuring and monitoring devices running Junos OS. To fully benefit from this class, the student should already have: • Basic networking knowledge • Understanding of the OSI model and the TCP/IP protocol suite. • Successfully completed the Introduction to Junos OS (IJOS) course (p 32.)

Length of Class: 1 Day Time: 8:30 am to 4:30 pm Level: Introductory Tuition: $700 Live Instructor Format Options: (1) Classroom at a Milestone Training Facility (2) On-site at your facility (3) Virtual, instructor-led How to Register: - Call Toll-Free 866-646-9211 - [email protected] - www.milestonesystems.com/training See www.milestonesystems.com/ training for the most current class schedules & locations.

866-646-9211

[email protected]


33

JUNOS Security

T

• Implement and monitor policy-based and route-based IPsec VPNs; • Utilize and update the IDP signature database on JUNOS security platforms; • Configure and monitor IDP policy with policy templates; and • Describe, configure, and monitor high availability chassis clusters.

his 3-day, intermediate-level course teaches students the skills for configuration, operation, and implementation of JUNOS security platforms in a typical network environment. Key topics include security zones, policies, UTM, IDP, NAT, high availability clusters, and virtual machines. Through demonstrations and handson labs, students will gain experience in configuring and monitoring JUNOS for Junos security platforms. Objectives After successfully completing this course, you should be able to: • Describe traditional routing, security, and the current trends in internetworking; • Provide an overview of JUNOS security platforms and software architecture; • Describe the logical packet flow and session creation performed by JUNOS security platforms; • Describe, configure, and monitor zones; • Describe, configure, and monitor security policies; • Describe, configure, and monitor firewall user authentication; • Describe various types of network attacks; • Configure and monitor SCREEN options to prevent network attacks; • Explain, implement, and monitor NAT on Junos security platforms; • Explain the purpose and mechanics of IPsec VPNs;


34

Who Should Attend This course benefits operators of SRX Series Services Gateways, including network engineers, administrators, support personnel, and reseller support personnel. To fully benefit from this class, the student should already have: • Basic networking knowledge. • Understanding of the OSI model and the TCP/IP protocol suite. • Successfully completed the Introduction to Junos OS (IJOS) (p 32) and JUNOS Routing Essentials (JRE) courses (p 33), or have equivalent experience with Junos OS.

866-646-9211

Length of Class: 3 Days Time: 8:30 am to 4:30 pm Level: Intermediate Tuition: $2100 Live Instructor Format Options: (1) Classroom at a Milestone Training Facility (2) On-site at your facility (3) Virtual, instructor-led How to Register: - Call Toll-Free 866-646-9211 - [email protected] - www.milestonesystems.com/training See www.milestonesystems.com/ training for the most current class schedules & locations. Continue your education by taking the Advanced JUNOS Security class (AJSEC) (p 35) after this one.

[email protected]


Advanced JUNOS Security (AJSEC)

B

uilding on the current Junos Security (JSEC) offering, this 30day course delves deeper into Junos security with advanced coverage of IPsec deployments, virtualization, high availability, advanced Network Address Translation (NAT) deployments, and Layer 2 security with Juniper Networks SRX Services Gateway devices. Through demonstrations and handson labs, students gain experience in configuring and monitoring advanced security features of the JUNOS operating system. This course is based on the Junos OS Release 10.4R1.9. Topics Covered • Forms of security supported by the Junos OS. • Fundamentals of session-based Junos OS. • Junos security handling at Layer 2 versus Layer 3. • SRX Series Services Gateways, fucntions, components, interfaces • Junos OS processing of Application Layer Gateways (ALG). • Altering Junos default behavior of ALG and application processing. • Address books with dynamic addressing. • Composing security policies utilizing ALGs, custom applications, and dynamic addressing • Junos debugging tools (analyze traffic flows and identify traffic processing patterns and problems) • Junos routing instance types used for virtualization. • Selectively forwarding traffic between virtual routing-instances • How to implement policy-based routing. • How to implement static, source, destination, and dual Network Address Translation (NAT).


• Interaction between NAT and security policy; NAT traversal. • How to implement and monitor optimized chassis clustering. • IPv6 support for chassis clusters. • How to Implement graceful restart and nonstop routing with SRX • Junos server load-balancing feature. • How to differentiate and configure standard point-to-point virtual private network (VPN) tunnels, hub-and-spoke VPNs, and group VPNs. • Monitoring operations of IPsec VPN implementations. • Public key cryptography for certificates. • Group VPNs and Dynamic VPNs in an enterprise environment. • IPsec VPN tunnels with OSPF. • IPsec VPN best practices for the Enterprise. • Trouble shooting: Tools, methodolody, common issues.

Who Should Attend This course benefits IT professionals responsible for implementing, monitoring, and troubleshooting Junos security components.

866-646-9211

Length of Class: 3 Days Time: 8:30 am to 4:30 pm Level: Advanced Tuition: $2100 Live Instructor Format Options: (1) Classroom at a Milestone Training Facility (2) On-site at your facility (3) Virtual, instructor-led How to Register: - Call Toll-Free 866-646-9211 - [email protected] - www.milestonesystems.com/training See www.milestonesystems.com/ training for the most current class schedules & locations.

To fully benefit from this class, the student should already have: • Strong level of TCP/IP networking and security knowledge; • Successfully completed three other courses: 1. Introduction to Junos (IJOS) (p 32; 2. Junos Routing Essentials (JRE) (p 33); 3. and Junos Security (JSEC) (p 34).

[email protected]


35

JUNOS Enterprise Switching (JEX)

J

unos Enterprise Switching (JEX) is a 2-day course that provides introductory switching knowledge and configuration examples. It includes an overview of switching concepts and operations, virtual LANs, spanning tree protocol, port and device security features, and high-availability features. This course is based on Junos version 10.1R2.8. Through demonstrations and hands-on labs, students will gain experience in configuring and monitoring the Junos OS and monitoring device operations.

Objectives After successfully completing this course, you should be able to: • List benefits of implementing switched LANs • Describe transparent bridging concepts and operations • Describe terms and design considerations for switched LANs • List enterprise platforms that support Layer 2 switching • Configure interfaces for Layer 2 switching operations • Display and interpret the Ethernet switching table • Explain the concept of a virtual LAN (VLAN) • Describe access and trunk port modes • Configure and monitor VLANs • Describe voice VLAN and native VLAN concepts • Explain inter-VLAN routing operations • Configure and monitor inter-VLAN routing • Explain when a spanning tree is


36

required • Describe STP and RSTP operations • List some advantages of using RSTP over STP • Configure and monitor RSTP • Describe the BPDU, Loop, and Root protection features • Configure and monitor the BPDU, Loop, and Root protection features • List and describe various port security features • Configure and monitor port security features • Describe the storm control feature • Configure and monitor storm control • Describe firewall filter support for EX Series switches • Implement and monitor the effects of a firewall filter • List and describe some features that promote high availability • Configure and monitor high availability features • Describe basic concepts and operational details of a virtual chassis • Implement a virtual chassis with multiple EX 4200 switches

Length of Class: 2 Days Time: 8:30 am to 4:30 pm Level: Introductory Tuition: $1400 Live Instructor Format Options: (1) Classroom at a Milestone Training Facility (2) On-site at your facility (3) Virtual, instructor-led How to Register: - Call Toll-Free 866-646-9211 - [email protected] - www.milestonesystems.com/training See www.milestonesystems.com/ training for the most current class schedules & locations.

Who Should Attend IT professionals responsible for configuring and monitoring Juniper EX Series switches. To fully benefit from this class, the student should already have: • Basic networking knowledge. • Understanding of the OSI model and the TCP/IP protocol suite. • Successfully completed the Introduction to Junos (IJOS) (p 32) and Junos Routing Essentials (JRE) (p 33)

866-646-9211

[email protected]


Service Provider & Enterprise Routing

I

f you work for a Service Provi-der or operate the hardware for enterpriselevel networks, this 4-day course is for you. It combines 3 other cirriculae on Juniper Routing platforms (IJOS, JRE, JIR), covering J-Series, M-Series, SRX and MX routers. Students will learn all aspects of JUNOS Routing, beginning with an introduction to JUNOS, basic and intermediate-level routing operations, and troubleshooting skills. After completing this course, students should be able to understand, operate and confingure JUNOS software and Juniper routers it runs.

Who Should Attend: Engineers, support personnel, reseller support, and others responsible for implementing Juniper Routers in a Service Provider environment, and those striving to become certified engineers. To fully benefit from this class, the student should already have: • Basic understanding of the TCP/IP protocols. • Familiarity with a command-line interface of a switching platform or UNIX system is helpful. The next level course (AJSPR Advanced Junos Service Provider Routing) is also available. Contact us for dates & locations.

Length of Class: 4Days Time: 8:30 am to 4:30 pm Level: Advanced Tuition: $3995 Live Instructor Format Options: (1) Classroom at a Milestone Training Facility (2) On-site at your facility (3) Virtual, instructor-led How to Register: - Call Toll-Free 866-646-9211 - [email protected] - www.milestonesystems.com/training See www.milestonesystems.com/ training for the most current class schedules & locations.

Topics Covered: • • • • •

Junos Fundamentals User Interface Options Initial Configuration Secondary System Configuration Operational Monitoring and Maintenance • Routing Fundamentals • Routing Policy and Firewall Filters • Class of Service • Protocol-Independent Routing • Load Balancing and Filter-Based Forwarding • Open Shortest Path First • Border Gateway Protocol • IP Tunneling • High Availability



866-646-9211

[email protected]


37

Configuring Juniper Networks Secure Access (CJSA)

L

Topics Include:

earn the configuration of Juniper Networks SA Series SSL VPN Appliances in a typical network environment. Key topics include Secure Sockets Layer (SSL) access technologies, basic implementation, and configuration and management options. This course is based on software Release 6.5. Through demonstrations and handson labs, students gain experience in configuring, testing, and troubleshooting basic aspects of the SA Series products.

Objectives After successfully completing this course, you should be able to deploy the SA Series products to support common environments.

Juniper Networks SA Series Secure Access Appliances

• Introduction to the SA Series device • Introduction to the SSL protocol and public key infrastructure (PKI) • Typical deployment scenarios • SA Series terminology • Roles, role restrictions • Realms • Resource policies • Sign-in policies • Authentication servers: -Local -Lightweight Directory Access Protocol (LDAP) -RADIUS (including two-factor) -NT -Network Information Service Authentication policies • Host Checker • Cache Cleaner • Client and server support: -Java-Secure Application Manager (J-SAM) -Windows Secure Application Manager (WSAM) • Network Connect • Troubleshooting

• Single SSL VPN security platform to serve all remote access needs. • Secure clientless access to enter-prise applications and resources. • Endpoint security, granular remote access control, and threat prevention.

Length of Class: 2 Days Time: 8:30 am to 4:30 pm Level: Introductory Take this class to go on to: AJSA (p 31) Tuition: $2000 Live Instructor Format Options: (1) Classroom at a Milestone Training Facility (2) On-site at your facility (3) Virtual, instructor-led How to Register: - Call Toll-Free 866-646-9211 - [email protected] - www.milestonesystems.com/training See www.milestonesystems.com/ training for the most current class schedules & locations.

Who Should Attend Network engineers, support personnel, reseller support, and anyone responsible for implementing Juniper’s SA Series products.

To fully benefit from this class, the student should already possess at least a moderate background in: • • • •

Internetworking basics Basic security concepts Network administration Application support

• Scalable SSL VPN appliances for secure remote and extranet access solution for companies of all sizes. • Highly available and scalable appliances for service providers.


38

866-646-9211

[email protected]


Advanced Juniper Networks Secure Access (AJSA)

A

dvanced, intense course on configuration of Juniper Networks SA Series SSL VPN Appliances. Key topics include public key infrastructure (PKI) support, additional authentication and authorization servers, complex policies, customization, virtual systems, troubleshooting, high availability, and Secure Meeting. This course is based on software Release 6.5. Through demonstrations and hands-on labs, students will gain experience in configuring, testing, and troubleshooting advanced features of Juniper’s SA Series.

Objectives After successfully completing this course, you should be able to deploy the SA Series products to support common environments.


Topics Include: • Advanced access management

-PKI support -Certificate revocation lists (CRL) -Virtual hosting -Single sign-on (SSO)

• Advanced authentication

-Certificate -Anonymous -SiteMinder -Security Assertion Markup Language (SAML)

• Advanced policies

• • • • • • •

-Rewriting policies -Authentication policies -Role mapping -Resource policies

Password management Administrative delegation Custom user interface (UI) Clustering Troubleshooting Instant Virtual System (IVS) Secure Meeting

Who Should Attend Network engineers, support personnel, reseller support, and anyone responsible for implementing Juniper’s SA Series appliances.

866-646-9211

Length of Class: 2 Days Time: 8:30 am to 4:30 pm Level: Advanced Tuition: $2000 Live Instructor Format Options: (1) Classroom at a Milestone Training Facility (2) On-site at your facility (3) Virtual, instructor-led How to Register: - Call Toll-Free 866-646-9211 - [email protected] - www.milestonesystems.com/training See www.milestonesystems.com/ training for the most current class schedules & locations. To fully benefit from this class, the student should already have: • Successfully completed the Configuring Juniper Networks Secure Access (CJSA) course (p 38) or have equivalent experience with the Juniper Networks SA Series products. • Familiarity with configuration of:

-Roles -Realms -Resource Policies -Authentication Servers

[email protected]


39

Intro to Juniper Networks Wireless LAN (IJWL)

L

earn about Juniper’s Wireless Large Area Network (LAN) system architecture and a project framework for planning a WLS system deployment. • Radio Frequency (RF) planning capabilities of the RingMaster software • Basic wireless LAN controller (WLC) configuration through the commandline interface (CLI) • A secure, enterprise-grade employee service in detail and other service options (such as a Web portal login) • Integration issues with the backend authentication, authorization, and accounting (AAA), Domain Name System (DNS), and Dynamic Host Configuration Protocol (DHCP) servers • Monitoring, management and reporting capabilities of RingMaster software. After completing this course, students should be able to: • Effectively use the RingMaster management console to plan, deploy, configure, manage, monitor, and report on a WLS system. • Work with domains and clusters to ensure campus-wide seamless roaming on the wireless LAN and provide industry-leading system resilience. • Scale the management of the system using the RingMaster console and its policy configuration capabilities. • Navigate the CLI and be familiar with some important command line utilities.

Who Should Attend IJWL is an intermediate-level course, designed to give field and support engineers a high level of technical competence with the Juniper Networks WLS products. To fully benefit from this class, the student should already have:

• Intermediate-level networking knowledge and an understanding of the Open Systems Interconnection (OSI) model and the TCP/IP protocol suite. • A good understanding of 802.11 wireless LAN fundamentals and be familiar with AAA concepts and RADIUS. • Attended both the Juniper Networking Fundamentals and the Juniper WLAN Fundamentals online courses (or possess equivalent knowledge)

Length of Class: 4 Days Time: 8:30 am to 4:30 pm Level: Introductory Tuition: $3995 Live Instructor Format Options: (1) Classroom at a Milestone Training Facility (2) On-site at your facility (3) Virtual, instructor-led How to Register: - Call Toll-Free 866-646-9211 - [email protected] - www.milestonesystems.com/training See www.milestonesystems.com/ training for the most current class schedules & locations.

Advanced Juniper Networks Wireless LANs) is also available. Contact us for dates & locations.

Topics Covered:

• Juniper Networks Wireless LAN System Overview • WLS Basic Architecture • WLS Software Installation • Reverse Planning • Hardware Setup and Configuration • WLS Service Configuration • Troubleshooting • WLS Network Integration • WLS Domains and Clusters • WLS Advanced Architecture • WLS Monitoring • WLS Management and Reporting • Tracing an 802.1X Authentication

The next level course (AJWL


40

866-646-9211

[email protected]


JNCIP/IE Prep: Remote Proctored Lab Exam

A

virtual, instructor-led session, this class is designed to help candidates prepare for the Juniper Networks JNCIP & JNCIE Certification lab exam. Upon completion of this course, candidates will have a better understanding of the complex testing scenarios they will face in the exam, as well as a check list of areas of studies that need improvement and further study.

Who Should Attend IT professionals who desire to successfully pass the Juniper Networks JNCIP/IE Certification, such as: • Network engineers • Support personnel • Reseller support • Juniper Networks Partners • Personnel responsible for implementing networking products and technologies For this class, students must have: • Juniper Networks JNCIS-M Certification (highly recommended) • Internet connectivity to access the remote lab gear • Telnet via terminal emulation program such as HyperTerminal, SecureCRT, Putty or similar program. • Instant Messaging or Email with which to communicate with the Remote Proctor for questions. • Dedicated 8 hour block of time to complete the remote practice exam.


JNCIP Remote Proctored Lab Topics Include:

• IGP Protocols including RIP, BGP, OSPF, IS-IS, • Routing Policies • BGP Confederations • BGP Route Reflector • System Configuration including user, syslog, snmp configurations • Interface Configurations including VRRP

JNCIE Remote Proctored Lab Topics Include: • Network and Protocol Troubleshooting • Multi-Protocol Label Switching • Layer 3 Virtual Private Network • Carrier of Carrier internetworking • Layer 2 Virtual Private Networks • Multicast • Firewall Filters and Policers • Class-of Service • IPV6


Length of Class: 8 hours Level: Intermediate to Expert Fee: $800 How to Register: - Call Toll-Free 866-646-9211 - [email protected] - www.milestonesystems.com/training See www.milestonesystems.com/ training for the most current class schedules & locations.

Alphabet Soup Notes JNCIS-M Juniper Networks Certified Internet Specialist in M-series Routers. Validates a person’s abilities in hands-on configuration & troubleshooting of Juniper Routers and JUNOS software. This cert is a prerequisite for both JNCIP and JNCIE. JNCIP: Juniper Networks Certified Internet Professional. This certification proves candidate’s practical and theoretical knowledge of core Internet technologies and his/her ability to proficiently apply that knowledge in a hands-on environment. JNCIE: Juniper Networks Certified Internet Expert. Building on the JNCIP knowledge, this cert establishes the truly elite experts of the networking world.

866-646-9211

[email protected]


41

ACX Series Universal Access Routers Overview and Deployment (WBT)

O

n completing this course, you will be able to identify the features and benefits of the ACX Series, install the ACX1000 and ACX2000, perform initial software configuration. Introduction to the ACX Series Universal Routers • Architecture and key components • Features and benefits Exploring the ACX1000 and ACX2000 Universal Access Routers

Length of Class: 1 day Tuition: $995 How to Register: - Call Toll-Free 866-646-9211 - [email protected] - www.milestonesystems.com/training See www.milestonesystems.com/ training for the most current class schedules & locations.

• Introduction to the ACX1000 and ACX2000 Universale Access Routers • About the ACX1000 and ACX2000 Universal Routers • Installing the ACX1000 and ACX2000 Universale Access Routers • Preparing the site for ACX1000 and ACX2000 Universale Access ROuter installation • Installing the ACX1000 and ACX2000 Mounting Hardware • Installing the ACX1000 and ACX2000 Universal Access Routers • Grounding the ACX1000 and ACX2000 Universal Access Routers • Providing power to the ACX1000 and ACX2000 Universal Access ROuters • Connecting ACX1000 and ACX2000 Universale Access Routers to external devices • Initially configuring ACX Series Universal Routers


42

866-646-9211

[email protected]


Advanced Juniper Networks IP Sec VPN Implementations (AJVI)

T

his course focuses on the wide range of options available when configuring VPNs using Juniper Networks firewall/VPN products. Students attending the course will learn these various deployments through detailed lectures and hands-on lab exercises. Objectives After successfully completing this course, you should be able to: • Configure LAN-to-LAN IPSec VPNs in various configurations. • Configure VPN redundancy. • Configure dynamic routing using IPSec VPNs. • Configure remote access IPSec connectivity including group IKE and shared IKE. • Configure GRE tunnels. Intended Audience • Network engineers • Network support personnel • Reseller support Prerequisites • Completion of the Configuring Juniper Networks Firewall/IPSec VPN Products (CJFV) course or equivalent experience with ScreenOS software. • General networking knowledge, including Ethernet, TCP/IP, and routing concepts.


Course contents: ScreenOS VPN Basics Review • VPN Review • Verifying Operations • VPN Monitor • Lab 1: VPN Review VPN Variations • Dynamic Peers • Transparent Mode • Overlapping Addresses • Lab 2: VPN Variations Hub-and-Spoke VPNs • Concepts • Policy-Based Hub-and-Spoke • Route-Based, with No Policy, and NHTB • Route-Based with Policy • Centralized Control • AutoConnect-Virtual Private Networks • Lab 3: Hub-and-Spoke VPNs Routing over VPNs • Routing Overview • Configuring RIP • Configuring OSPF • Case Studies • Lab 4: Dynamic Routing Using Certificates • Concepts and Terminology • Configuring Certificates and Certificate Support • Configuring VPNs with Certificates • Lab 5: Using Certificates

866-646-9211

Length of Class: 2 Days Level: Advanced Tuition: $2000 How to Register: - Call Toll-Free 866-646-9211 - [email protected] - www.milestonesystems.com/training See www.milestonesystems.com/ training for the most current class schedules & locations.

Redundant VPN Gateways (optional) • Concepts and Terminology • Configuring Certificates and Certificate Support • Configuring VPNs with Certificates • Lab 5: Using Certificates Generic Routing Encapsulation (optional) • Configuring GRE Dial-Up IP Sec VPNs • Basic Dial-up Configuration • Group IKE ID • XAUTH and Shared IKE ID Appednix A: NetScreen-Remote • NetScreen-Remote Overview • Basic Dial-Up A-9 • XAUTH/Shared IKE ID • Demo: Dial-Up VPNs • Lab 6: Dial-Up VPNs

[email protected]


43

Advanced Juniper Networks Wireless LANs (AJWL)

T

he course describes best practice guidelines for planning an enterprise-wide Juniper Networks WLS system with its flexible domain architecture. Best practices for advanced security are presented, as are the issues to be considered when deploying voice and mesh services. Centrally managed architectures are also presented. The course also includes a look at some advanced troubleshooting techniques. The course uses a combination of lecture and practical exercises to ensure a high level of hands-on experience with Juniper Networks WLS hardware and software components, advanced authentication options, and other advanced features.

The course is designed to build on the skills learned in the Introduction to Juniper Networks Wireless LANs (IJWL) course (p 40) and take students to the next level of expertise as a Juniper Networks wireless design, implementation, or management engineer.


44

Objectives After successfully completing this course, you should be able to: • Describe the design factors that must be taken into consideration when planning an enterprise wireless LAN (WLAN) system. • Describe the requirements for WLAN security, for optimum support of voice services and for WLAN mesh solutions. • Plan Radio Frequency (RF) coverage for data and voice services in a multistory, multi-building environment. • Configure secure WLAN services using digital certificate-based authentications and machine authentication. • Describe the issues for the remote management of Access Points (APs) and AP Controllers. • Troubleshoot all aspects of a deployed WLS system. • Configure voice optimized services. • Build a WLAN mesh network in singlehop and multi-hop scenarios. • Deploy and manage remote APs using the AP Controller autoconfiguration capability in architectures with and without Network Address Translation (NAT)

Length of Class: 4 days Level: Advanced Class Type: Classroom Tuition: $2,800 How to Register: - Call Toll-Free 866-646-9211 - [email protected] - www.milestonesystems.com/training See www.milestonesystems.com/ training for the most current class schedules & locations.

Prerequisites Students should have intermediatelevel networking knowledge and an understanding of the Open Systems Interconnection (OSI) model and the TCP/IP protocol suite. Students should also have intermediate-level knowledge of the Juniper Networks WLS system. Students should also attend the Introduction to Juniper Networks Wireless LANs (IJWL) course (p 40) prior to attending this class.

Intended Audience This course benefits individuals responsible for planning, configuring, managing, and monitoring devices on a Juniper Networks wireless network.

866-646-9211

[email protected]


Advanced Juniper Enterprise Routing (AJER)

P

rovide students with the tools required for implementing, monitoring, and troubleshooting Layer 3 components in an enterprise network. Detailed coverage of OSPF, BGP, class of service (CoS), and multicast is strongly emphasized. Through demonstrations and hands-on labs, students will gain experience in configuring and monitoring the Junos operating system and in monitoring device and protocol operations. Intended Audience This course benefits individuals responsible for configuring and monitoring devices running JUNOS Prerequisites Students should have basic networking knowledge and an understanding of the Open Systems Interconnection (OSI) model and the TCP/IP protocol suite. Students should also have working experience with basic routing principles. Before taking this class, participants should have attend taken: • Introduction to the Junos (IJOS) (p32) • Junos Routing Essentials (JRE) (p33) and • Junos Intermediate Routing (JIR) (p 46)


Course Objectives After successfully completing this course, you should be able to: • Describe the various OSPF link-state advertisement (LSA) types. • Explain the flooding of LSAs in an OSPF network. • Describe the shortest-path-first (SPF) algorithm. Describe OSPF area types and operations. • Configure various OSPF area types. • Summarize and restrict routes. • Identify scenarios that require routing policy or specific configuration options. • Use routing policy and specific configuration options to implement solutions for various scenarios. • Describe basic BGP operation and common BGP attributes. • Explain the route selection process for BGP. • Describe how to alter the route selection process. • Configure some advanced options for BGP peers. • Describe various BGP attributes in detail and explain the operation of those attributes. •Manipulate BGP attributes using routing policy. • Describe common routing policies used in the enterprise environment. • Explain how attribute modifications affect routing decisions. • Implement a routing policy for inbound and outbound traffic using BGP. • Identify environments that might require a modified CoS implementation. • Describe the various CoS components and their respective functions. • Explain the CoS processing along with CoS defaults on SRX Series Services Gateways. • Describe situations when some CoS features are used in the enterprise. • Implement some CoS features in an enterprise environment.

866-646-9211

Length of Class: 3 days Level: Advanced Tuition: $2,100 How to Register: - Call Toll-Free 866-646-9211 - [email protected] - www.milestonesystems.com/training See www.milestonesystems.com/ training for the most current class schedules & locations. • Describe IP multicast traffic flow. • Identify the components of IP multicast. • Explain how IP multicast addressing works. • Describe the need for reverse path forwarding (RPF) in multicast. • Explain the role of Internet Group Management Protocol (IGMP) and describe the available IGMP versions. • Configure and monitor IGMP. • Identify common multicast routing protocols. • Describe rendezvous point (RP) discovery options. • Configure and monitor Protocol Independent Multicast (PIM) sparse modes. • Configure and monitor RP discovery mechanisms. • Describe the basic requirements, benefits, and caveats of source-specific multicast (SSM). • List the address ranges used for SSM. • Illustrate the role of Internet Group Management Protocol version 3 (IGMPv3) and PIM sparse mode (PIMSM) in an SSM implementation. • Configure and monitor SSM.

[email protected]


45

Junos Intermediate Routing (JIR)

T

his course provides students with intermediate routing knowledge and configuration examples. The course includes an overview of protocolindependent routing features, load balancing and filter-based forwarding, OSPF, BGP, IP tunneling, and high availability (HA) features. Intended Audience This course benefits individuals responsible for configuring and monitoring devices running JUNOS. Prerequisites Students should have basic networking knowledge and an understanding of the Open Systems Interconnection (OSI) reference model and the TCP/ IP protocol suite. Students should have attended the Introduction to Junos (IJOS) (p 32) and Junos Routing Essentials (JRE) (p 33) prior to attending this class.


46

Course Objectives After successfully completing this course, you should be able to: • Describe typical uses of static, aggregate, and generated routes. • Configure and monitor static, aggregate, and generated routes. • Explain the purpose of Martian routes and add new entries to the default list. • Describe typical uses of routing instances. • Configure and share routes between routing instances. • Describe load-balancing concepts and operations. • Implement and monitor Layer 3 load balancing. • Illustrate benefits of filter-based forwarding. • Configure and monitor filter-based forwarding. • Explain the operations of OSPF. • Describe the role of the designated router. • List and describe OSPF area types. • Configure, monitor, and troubleshoot OSPF. • Describe BGP and its basic operations. • Name and describe common BGP attributes.

866-646-9211

Length of Class: 2 days Level: Advanced Class Type: Classroom Tuition: $1.400 or 1400 training credits How to Register: - Call Toll-Free 866-646-9211 - [email protected] - www.milestonesystems.com/training See www.milestonesystems.com/ training for the most current class schedules & locations.

• List the steps in the BGP route selection algorithm. • Describe BGP peering options and the default route advertisement rules. • Configure and monitor BGP. • Describe IP tunneling concepts and applications. • Explain the basic operations of generic routing encapsulation (GRE) and IP over IP (IP-IP) tunnels. • Configure and monitor GRE and IP-IP tunnels. • Describe various high availability features supported by the Junos OS. • Configure and monitor some of the highlighted high availability features.

[email protected]


Advanced Junos Enterprise Routing Troubleshooting (AJERT)

S

tudents will be provided with information about troubleshooting SRX Series hardware, the Junos operating system, and more obscure problems like packet loss and latency, interior gateway protocols, BGP, routing policy, multicast, and class of service. Students will gain experience in monitoring and troubleshooting these topics through demonstration as well as hands-on labs. The course exposes students to common troubleshooting commands and tools used to troubleshoot various intermediate to advanced issues. Intended Audience ndividuals responsible for configuring and monitoring devices running the Junos OS. Prerequisites • Junos Troubleshooting in the NOC (JTNOC) • Advanced Junos Enterprise Routing (AJER)


Course Objectives • Determine the right questions to ask when troubleshooting an issue. • Identify general outputs and the type of information found in outputs. • Simplify a complex network and recreate an issue in the lab environment. • Describe packet loss in a network. • List the general chassis components. • Identify different methods for troubleshooting major chassis components. • Troubleshoot redundant Routing Engine and Control Board communication. • Isolate problems with interfaces. • Troubleshoot IPv4 interfaces. • Identify an issue with software and the process of events to recreate the issue. • Define a problem report (PR) and identify relevant information contained in a PR. • Find relevant topics within the Juniper Networks Knowledge Base. • List common commands used to troubleshoot and verify various interior gateway protocol (IGP) routing protocols. • Isolate different IGP issues. • List common commands used to troubleshoot and verify BGP. • Isolate different issues with BGP communication and configuration. • Isolate problems relating routing policy structure and configuration. • Identify common commands for troubleshooting routing policy. • Verify and troubleshoot multicast. • Verify and troubleshoot class of service.

866-646-9211

Length of Class: 1 Day Level: Advanced Tuition: $700 How to Register: - Call Toll-Free 866-646-9211 - [email protected] - www.milestonesystems.com/training See www.milestonesystems.com/ training for the most current class schedules & locations.

[email protected]


47

Advanced Junos Enterprise Security Troubleshooting (AJEST)

T

his course is designed to provide students with information about troubleshooting SRX Series hardware, the Junos operating system, and more obscure problems like packet loss and latency, IPsec, security zones and policies, other security features, and chassis clustering. Students will gain experience in monitoring and troubleshooting these topics through demonstration as well as hands-on labs. The course exposes students to common troubleshooting commands and tools used to troubleshoot various intermediate to advanced issues. Intended Audience Individuals responsible for configuring and monitoring devices running the Junos OS. Prerequisites • Junos Troubleshooting in the NOC (JTNOC) • Advanced Junos Security (AJSEC) (p 35) • Junos Intrusion Prevention Systems (JIPS) • Junos Unified Threat Management (JUTM)


48

Course Objectives • Determine the right questions to ask when troubleshooting an issue. • Identify general outputs and the type of information found in outputs. • Simplify a complex network and recreate an issue in the lab environment. • Describe packet loss in a network. • List the general chassis components. • Identify different methods for troubleshooting major chassis components. • Troubleshoot redundant Routing Engine and Control Board communication. • Isolate problems with interfaces. • Troubleshoot IPv4 interfaces. • Identify an issue with software and the process of events to recreate the issue. • Define a problem report (PR) and identify relevant information contained in a PR. • Find relevant topics within the Juniper Networks Knowledge Base. • Troubleshoot security zones. • Troubleshoot security policies. • Troubleshoot IPsec virtual private network (VPN) problems. • Troubleshoot Internet Key Exchange (IKE) phase 1 issues. • Troubleshoot IKE phase 2 issues. • Verify and troubleshoot AppSecure. • Monitor and troubleshoot intrusion prevention system (IPS). • Verify and troubleshoot UTM. • Verify, monitor, and troubleshoot chassis clustering issues. • Troubleshoot different chassis clustering modes.

866-646-9211

Length of Class: 1 Day Level: Advanced Tuition: $700 How to Register: - Call Toll-Free 866-646-9211 - [email protected] - www.milestonesystems.com/training See www.milestonesystems.com/ training for the most current class schedules & locations.

[email protected]


Advanced Junos Enterprise Switching (AJEX)

D

etailed coverage of virtual LAN (VLAN) operations, Multiple Spanning Tree Protocol (MSTP) and VLAN Spanning Tree Protocol (VSTP), authentication and access control for Layer 2 networks, IP telephony features, class of service (CoS), and monitoring and troubleshooting tools and features supported on the EX Series Ethernet Switches. Intended Audience This course benefits individuals responsible for configuring and monitoring EX Series switches. Prerequisites Students should have an intermediatelevel of networking knowledge and an understanding of the Open Systems Interconnection (OSI) reference model and the TCP/IP protocol suite. Students should also attend the Introduction to the Junos Operating System (IJOS) course, the Junos Routing Essentials (JRE) course, and the Junos Enterprise Switching (JEX) course prior to attending this class.


Course Objectives • Implement filter-based VLAN assignments. • Restrict traffic flow within a VLAN. • Manage dynamic VLAN registration. • Tunnel Layer 2 traffic through Ethernet networks. • Review the purpose and operations of a spanning tree. • Implement multiple spanning-tree instances in a network. • Implement one or more spanning-tree instances for a VLAN. • List the benefits of implementing enduser authentication. • Explain the operations of various access control features. • Configure and monitor various access control features. • Describe processing considerations when multiple authentication and access control features are enabled. • Describe some common IP telephony deployment scenarios. • Describe features that facilitate IP telephony deployments. • Configure and monitor features used in IP telephony deployments. • Explain the purpose and basic operations of CoS. • Describe CoS features used in Layer 2 networks. • Configure and monitor CoS in a Layer 2 network . • Describe a basic troubleshooting method. • List common issues that disrupt network operations. • Identify tools used in network troubleshooting. • Use available tools to resolve network issues.

866-646-9211


[email protected]


49

Virtual Training, Real Results

M

ilestone’s Instructor-Led Virtual Training enables IT professionals around the world to tap into the real-world experience of Milestone’s engineers. Many organizations have cut travel budgets, making it difficult for IT staff to take advantage of certified training outside of their immediate locales. Milestone Systems developed a virtual classroom environment that enables IT professionals worldwide to take advantage of Milestone’s worldclass training. “The goal of our Virtual Instructor-Led Training is to reach areas outside of our traditional authorized training classes,” said Paul Eck, Director of Educational Services at Milestone Systems. “Historically, we have offered training in Minneapolis, Atlanta and Tampa, as well as custom on-site training. By offering a virtual option, we are able to reach customers who are unable to travel to these places.

Milestone offers authorized training on many of the solutions it sells, including products from F5 Networks, Cisco IronPort, Blue Coat,Palo Alto Networks and Juniper Networks. Milestone’s authorized training classes are delivered by engineers with real-world experience in the topics they cover, and that distinction applies to the virtual environment as well. “Our virtual training is significantly different from competitive offerings,” Eck said. “It’s live training led by the same instructors who conduct our physical classroom training. These are engineers who do presales and post-sales engineering and professional services for our clients. Students in the virtual environment get the same class as our on-site students -- the only difference is that they aren’t physically in the classroom.” Milestone Systems training goes beyond the manufacturers’ curricula. Most classes are half lecture and half lab, while some of the advanced classes are 30 percent lecture and 70 percent lab. Nothing is lost in the virtual classroom. Students are able to ask questions by typing in a chat window or speaking through a conference bridge. They also get full access to the lab environment.

“Students in the virtual classroom are able to remote into the lab environment and to gain access to virtual installations of F5, Palo Alto Networks, Cisco IronPort and other products. They can work on it as if they’re sitting at a workstation in one of our physical classrooms,” said Eck. “The hands-on component is critical. Our engineer/trainers do a lot of troubleshooting in the labs so students can see how to isolate problems. The instructors point out things they’ve seen in the field so that the students know what to do when they see similar things in their production environments.” “You don’t have to be in the U.S. to take advantage of this training. There are marny large organizations that have support staff across multiple time zones. With virtual training, IT staff in Europe and Asia-Pacific can get the same top-notch training as their co-workers in the U.S. It’s a win-win for everybody.”

To schedule virtual training go to www.milestonesystems.com/training/ and select Virtual Instructor-Led Training from the Location drop down. Or email [email protected].


50

866-646-9211

[email protected]


Advanced Junos Enterprise Switching Troubleshooting (AJEXT)

T

his one-day course is designed to provide students with information about troubleshooting EX Series hardware, the Junos operating system, and more obscure problems like packet loss and latency, Virtual Chassis, spanning tree protocols, Q-in-Q tunneling, port security features, multicast, and class of service. Students will gain experience in monitoring and troubleshooting these topics through demonstration as well as hands-on labs. The course exposes students to common troubleshooting commands and tools used to troubleshoot various intermediate to advanced issues. Intended Audience Individuals responsible for configuring and monitoring devices running the Junos OS Prerequisites • Junos Troubleshooting in the NOC (JTNOC) • Advanced Junos Switching (AJEX)


Objectives After successfully completing this course, you should be able to: • Determine the right questions to ask when troubleshooting an issue. • Identify general outputs and the type of information found in outputs. • Simplify a complex network and recreate an issue in the lab environment. • Describe packet loss in a network. • List the general chassis components. • Identify different methods for troubleshooting major chassis components. • Troubleshoot redundant Routing Engine and Control Board communication. • Isolate problems with interfaces. • Troubleshoot IPv4 interfaces. • Identify an issue with software and the process of events to recreate the issue. • Define a problem report (PR) and identify relevant information contained in a PR. • Find relevant topics within the Juniper Networks Knowledge Base.

866-646-9211

Length of Class: 1 Day Level: Advanced Tuition: $700 How to Register: - Call Toll-Free 866-646-9211 - [email protected] - www.milestonesystems.com/training See www.milestonesystems.com/ training for the most current class schedules & locations. • Verify and troubleshoot Spanning Tree Protocol (STP). • Verify and troubleshoot Rapid Spanning Tree Protocol (RSTP). • Verify and troubleshoot Multiple Spanning Tree Protocol (MSTP). • Verify and troubleshoot VLAN Spanning Tree Protocol (VSTP). • Verify and troubleshoot Q-in-Q tunneling. • Verify and troubleshoot port authentication and security. • Verify and troubleshoot multicast. • Verify and troubleshoot class of service (CoS).

[email protected]


51

Advanced Junos Service Provider Routing (AJSPR)

S

tudents will be taught details of Juniper OSPF, IS-IS, BGP, and routing policy. Through demonstrations and hands-on labs, students will gain experience in configuring and monitoring the Junos operating system and in monitoring device and protocol operations. Course Objectives After successfully completing this course, you should be able to: • Describe the various OSPF link-state advertisement (LSA) types. • Explain the flooding of LSAs in an OSPF network. • Describe the shortest-path-first (SPF) algorithm. • List key differences between OSPFv2 and OSPFv3. • Describe OSPF area types and operations. • Configure various OSPF area types. • Summarize and restrict routes. • Identify some scenarios in a service provider network that can be solved using routing policy or specific configuration options. • Use routing policy and specific configuration options to implement solutions for various scenarios. • Explain the concepts and operation of IS-IS. • Describe various IS-IS link-state protocol data unit (LSP) types. • List IS-IS adjacency rules and troubleshoot common adjacency issues. • Configure and monitor IS-IS. • Display and interpret the link-state database (LSDB). • Perform advanced IS-IS configuration options. • Implement IS-IS routing policy. • Explain the default operation in multiarea IS-IS.


52

• Describe IS-IS address summarization methods. • Configure and monitor a multiarea IS-IS network. • Describe basic BGP operation. • List common BGP attributes. • Explain the route selection process for BGP. • Describe how to alter the route selection process. • Configure some advanced options for BGP peers. • Describe various BGP attributes in detail and explain the operation of those attributes. • Manipulate BGP attributes using routing policy. • Explain the causes for route instability. • Describe the effect of damping on BGP routing. • Explain the default behavior of damping on links. • Control damping using routing policy. • View damped routes using commandline interface (CLI) commands. • Describe the operation of BGP route reflection. • Configure a route reflector. • Describe the operation of a BGP confederation. • Configure confederations. • Describe peering relationships in a confederation.

866-646-9211


Intended Audience This course benefits individuals responsible for implementing, monitoring, and troubleshooting Layer 3 components of a service provider’s network. Prerequisites Students should have intermediatelevel networking knowledge and an understanding of the Open Systems Interconnection (OSI) model and the TCP/IP protocol suite. Students should also attend the Introduction to the Junos Operating System (IJOS), Junos Routing Essentials (JRE), and Junos Intermediate Routing (JIR) courses prior to attending this class.

[email protected]


Advanced Junos Service Provider Troubleshooting (AJSPT)

P

rovides students with information about troubleshooting hardware, the Junos operating system, and more obscure problems like packet loss and latency, interior gateway protocols, BGP, routing policy, MPLS, Layer 2 and Layer 3 VPNs, multicast, and class of service. Students will gain experience in monitoring and troubleshooting these topics through demonstration as well as hands-on labs. The course exposes students to common troubleshooting commands and tools used to troubleshoot various intermediate to advanced issues. Intended Audience Individuals responsible for configuring and monitoring devices running the Junos OS Prerequisites • Junos Troubleshooting in the NOC (JTNOC) • Advanced Junos Service Provider Routing (AJSPR) • Junos MPLS and VPNs (JMV); • Junos Multicast Routing (JMR) • Junos Class of Service (JCOS)


Objectives After successfully completing this course, you should be able to: • Determine the right questions to ask when troubleshooting an issue. • Identify general outputs and the type of information found in outputs. • Simplify a complex network and recreate an issue in the lab environment. • Describe packet loss in a network. • List the general chassis components. • Identify different methods for troubleshooting major chassis components. • Troubleshoot redundant Routing Engine and Control Board communication. • Isolate problems with interfaces. • Troubleshoot IPv4 interfaces. • Troubleshoot IPv6 interfaces. • Identify an issue with software and the process of events to recreate the issue. • Define a problem report (PR) and identify relevant information contained in a PR. • Find relevant topics within the Juniper Networks Knowledge Base. • List common commands used to troubleshoot and verify different interior gateway protocol (IGP) routing protocols. • Troubleshoot and isolate different IGP issues.

866-646-9211


• List common commands used to troubleshoot and verify BGP. • Isolate different issues with BGP communication and configuration. • Isolate problems on routing policy structure and configuration. • Identify common commands for troubleshooting routing policy. • Troubleshoot the MPLS signaling and forwarding plane. • Troubleshoot Layer 3 VPNs. • Troubleshoot Layer 2 VPNs. • Troubleshoot virtual private LAN service (VPLS). • Verify and troubleshoot multicast. • Verify and troubleshoot class of service

[email protected]


53

Attack Prevention with Juniper Networks Firewalls (APJF)

T

his course meets the business need of customers who are deploying the attack prevention features of ScreenOS software. The course focuses specifically on the attack-related features and assumes familiarity with ScreenOS software. Upon completing this course, you should be able to return to work and successfully configure and verify the desired attack prevention features. Objectives After successfully completing this course, you should be able to: • Configure attack prevention features, including: o SCREEN options; o Deep Inspection; and o Antivirus scanning. • Configure URL filtering • Configure antispyware, antispam, and antiphishing filters.

Length of Class: 1 Day Level: Introductory Tuition: $1000 How to Register: - Call Toll-Free 866-646-9211 - [email protected] - www.milestonesystems.com/training See www.milestonesystems.com/ training for the most current class schedules & locations.

Intended Audience This course is intended for network engineers, support personnel, reseller support, and others responsible for implementing Juniper Networks products. Prerequisites • The Internet • Networking concepts; and • Terms including TCP/IP and bridging, switching, and routing.


54

866-646-9211

[email protected]


Configuring and Monitoring QFabric Systems (APJF)

S

tudents will be provided with intermediate knowledge of the QFabric system. Students will be provided an overview of the QFabric system with detailed coverage of its components, design, and architecture. Students will learn how the system is deployed and operates and will be provided configuration and monitoring examples. Through demonstrations and hands-on labs, students will gain experience in configuring and monitoring the QFabric system. Intended Audience This course benefits all individuals responsible for selling, implementing, monitoring, or supporting the QFabric system. Prerequisites • Intermediate TCP/IP networking knowledge • Intermediate Layer 2 switching knowledge • Introductory data center technologies knowledge; and • Attend the Junos Enterprise Switching (JEX) course, or have equivalent experience. Additionally, the Junos Intermediate Routing (JIR) course is recommended.


Objectives • Compare legacy environments with the QFabric system. • Describe the hardware components of the QFabric system. • Explain control plane and data plane functions in the QFabric system. • Describe the goals of the software architecture. • Explain the purpose and functions of the Director software. • Configure and verify some key software abstractions. • List and describe operations of internal protocols used in the QFabric system. • Perform the initial setup and configuration tasks. • Configure and monitor network interfaces. • Log in to system components and verify status. • Explain bridging concepts and operations for the QFabric system. • List and describe supported Layer 2 protocols and features. • Configure and monitor key Layer 2 protocols and features. • Explain routing concepts and operations for the QFabric system. • List and describe supported Layer 3 protocols and features. • Configure and monitor key Layer 3 protocols and features. • Identify the purposes of data center storage along with the challenges. • Describe and compare data center storage technologies.

866-646-9211

Length of Class: 2 Days Level: Intermediate Tuition: $1400 How to Register: - Call Toll-Free 866-646-9211 - [email protected] - www.milestonesystems.com/training See www.milestonesystems.com/ training for the most current class schedules & locations. • List and describe data center storage networking protocols. • Describe common Fibre Channel topologies, components, and related terminology. • Explain Fibre Channel operations and issues that can impact protocol operations. • Configure and monitor Fibre Channel functionality on the QFabric system. • Identify the various QFabric system software packages. • Perform a standard software upgrade. • Perform a nonstop software upgrade.

[email protected]


55

Configuring and Monitoring the vGW Virtual Gateway (CMvGW)

T

his two-day course is designed to provide students with intermediate knowledge of the Juniper Networks vGW Virtual Gateway product. Students will be provided an overview of the vGW system with detailed coverage of its components, design, and interface. Students will learn how the system is deployed and operates and will be provided configuration and monitoring examples. Objectives • Identify the need for securing virtualized environments. • Describe the purpose of the Security Design vGW and Security VM. • Describe the vGW Web user interface (UI). • Explain the different installation types and perform an installation of the vGW software. • Describe and manipulate the vGW dashboard interface. • Describe and manipulate the Main module and understand basic alerts and events. • Describe the Network module and perform analysis of VM-to-VM traffic flow. • Explain vGW’s four-tier firewall policy model, policy groups, and rules precedence. • Explain smart groups and static groups and build multitier firewall policies that use them. • Explain the purpose of introspection and compliance. • Configure enforcer profiles and compliance rule sets. • Describe and manipulate the IDS module.


56

• Create firewall policy that offloads traffic to the intrusion detection service (IDS) engine. • List and describe the AntiVirus module scan types. • Configure AntiVirus scanner configs and install the vGW endpoint application. • Create reports using the Reports module. • Describe high availability and fault tolerance as they pertain to vGW. • List and describe methods to increase scalability within vGW. • List some methods for troubleshooting various components that make up vGW. • Build log collections. • Perform a backup and restore of the vGW product. • List and describe interoperability with Juniper Networks SRX Series Services Gateways and third-party tools such as syslog and NetFlow. • Describe the Cloud software development kit (SDK).

866-646-9211

Length of Class: 2 Days Level: Intermediate Tuition: $1400 How to Register: - Call Toll-Free 866-646-9211 - [email protected] - www.milestonesystems.com/training See www.milestonesystems.com/ training for the most current class schedules & locations.

Intended Audience This course benefits individuals responsible for selling, implementing, monitoring, or supporting the vGW Virtual Gateway product. Prerequisites Students should have experience working with an enterprise-level VMware environment, knowledge of network security concepts (for example, firewalls and IDS), and basic TCP/IP skills.

[email protected]


Configuring Juniper Networks Firewall/IP Sec VPN Products (CJFV)

T

his course is the first in the ScreenOS curriculum. It is an instructor-led course that focuses on configuration of the ScreenOS firewall/ virtual private network (VPN) products in a variety of situations, including basic administrative access, routing, firewall policies and policy options, attack prevention features, address translation, and VPN implementations. Intended Audience This course is intended for network engineers, support personnel, reseller support, and others responsible for implementing Juniper Networks firewall products. Prerequisites • The Internet • Networking concepts • Terms including TCP/IP, bridging,


switching, and routing. Objectives • Explain the ScreenOS security architecture. • Configure administrative access and options. • Back up and restore configuration and ScreenOS files. • Configure a ScreenOS device in transparent, route, Network Address Translation (NAT), and IP version 6 (IPv6) modes. • Discuss the applications of multiple virtual routers. • Configure the ScreenOS firewall to permit and deny traffic based on user defined policies. • Configure advanced policy options. • Identify and configure network designs for various types of network address translation. • Configure policy-based and routebased VPN tunnels.

866-646-9211

Length of Class: 3 Days Level: Introductory Tuition: $2500 How to Register: - Call Toll-Free 866-646-9211 - [email protected] - www.milestonesystems.com/training See www.milestonesystems.com/ training for the most current class schedules & locations.

[email protected]


57

Configuring Security Threat Response Manager (CSTRM)

D

iscuss the configuration of Juniper Networks Security Threat Response Manager (STRM) in a typical network environment. Key topics include deploying an STRM device in the network, configuring flows, running reports, and troubleshooting. Through demonstrations and hands-on labs, students will gain experience in configuring, testing, and troubleshooting the STRM device. Objectives • Describe the STRM system and its basic functionality • Describe the hardware used with the STRM system • Identify the technology behind the STRM system • Identify the STRM system’s primary design divisions: display versus detection, and events versus traffic • Plan and prepare for a new installation • Access the administration console • Configure the network hierarchy • Configure the automatic update process • Access the Deployment Editor • Describe the STRM system’s internal processes • Describe event and flow source configuration • List key features of the STRM architecture • Describe the STRM system’s processing logic • Interpret the correlation of flow and event data • List the architectural component that provides each key function • Describe Events and explain where they come from

• Access the Log Activity interface • Execute Event searches; • Describe flows and their origin • Configure the Network Activity interface • Execute Flow searches • Specify the STRM system’s Asset Management and Vulnerability Assessment functionality • Access the Assets interface • View Asset Profile data • View Server Discovery • Access the Vulnerability Assessment Scan Manager to produce vulnerability assessments (VAs) • Access vulnerability scanner configuration • View vulnerability profiles • Describe rules • Configure rules • Configure Building Blocks (BBs) • Explain how rules and flows work together • Access the Offense Manager interface • Understand Offense types; • Configure Offense actions; • Navigate the Offense interface • Explain the Offense summary screen • Search Offenses • Use the STRM system’s Reporting functionality to produce graphs and reports • Navigate the Reporting interface • Configure Report Groups • Demonstrate Report Branding • View Report formats • Indentify the basic information on maintaining and troubleshooting the STRM system


• Navigate the STRM dashboard • List flow and event troubleshooting steps • Access the Event Mapping tool • Configure Event Collection for Junos devices • Configure Flow Collection for Junos devices • Explain High Availability (HA) functionality on an STRM device. Intended Audience This course is intended for network engineers, support personnel, reseller support, and anyone responsible for implementing the STRM system. Prerequisites • Understanding of TCP/IP operation • Understanding of network security concepts • Experience in network security administration

“The real world examples used during the training were the most benefit. Thank you for using as many as you did. It doesn’t get any better than this! --R.B., from a disaster recovery services company


58

866-646-9211

[email protected]


Configuring Steel-Belted Raduis Carrier(CSBR)

D

iscuss the configuration for Juniper Networks Steel-Belted Radius Carrier. Key topics include installation, client configuration, users, authentication, and replication. Through demonstrations and hands-on labs, students will gain experience in configuring, testing, and troubleshooting basic aspects of SBR Carrier. Objectives • Define the role of a RADIUS server • Describe authentication, authorization, and accounting (AAA) • Describe the flow of traffic in a RADIUS environment • Identify the components in a typical RADIUS packet • Identify RADIUS attributes and their functions • Describe shared secrets and their role • Identify the protocols used for authenticating end users • Describe RADIUS accounting • Identify the editions of Steel-Belted Radius (SBR) • List the supported operating systems for SBR Carrier • Identify the installation requirements for SBR Carrier • Describe SBR Carrier server roles • Locate SBR Carrier system information • Configure the SBR Carrier license • Describe SBR clients • Configure SBR clients • Describe the different types of users SBR supports • Describe SBR Carrier authentication policies • Describe and configure proxy targets • Identify and proxy realms • Describe directed realms


• Describe how SBR Carrier can use Structured Query Language (SQL) databases for authentication • Configure SQL authentication for SBR Carrier • Describe how SBR Carrier can use Lightweight Directory Access Protocol (LDAP) databases for authentication • Configure LDAP authentication for SBR Carrier • Describe the purpose of attributes, check lists, and return lists • Describe how to implement check lists and return lists • Describe filters and their purpose • Describe how to implement filters • Describe Extensible Authentication Protocol (EAP) • Identify EAP traffic flow • Describe the purpose of certificates • Configure server certificates • Describe EAP mechanisms. • Configure EAP • Describe the benefits of a realm. • Identify the means by which SBR Carrier can recognize realms • Describe how SBR Carrier can handle requests based on realm identifiers • Identify other SBR routing methods • Identify optional authentication methods • Describe and configure SBR Carrier replication • Describe high availability (HA) using Session State Register (SSR) • Locate statistical information • Locate and search reports and log files • Describe the troubleshooting tools that are available to troubleshoot SBR Carrier

866-646-9211


Intended Audience • Network engineers • Support personnel • Reseller support • Anyone responsible for implementing SBR Carrier servers Prerequisites • Working knowledge of networking concepts • Knowledge of UDP and TCP/IP Recommended, but not required: • Working knowledge of Unix Operating Systems • Basic knowledge of SQL and LDAP protocols

[email protected]


59

E-Series Broadband Remote Access Server Configuration Basics (BB)

T

echnical network professionals with be provided with the skills needed to successfully install, configure, and troubleshoot the E-series platform to act as a broadband remote access server (B-RAS). The course covers the fundamentals of B-RAS, ATM, IP over ATM, bridged Ethernet, PPP over ATM, PPP over Ethernet, VLANs, dynamic interfaces, L2TP, policy management as well as E-series router systems administration. Intended Audience Technical network professionals responsible for the integration, configuration, and management of E-series router networks.


Objectives After successfully completing this course, you should be able to: • Configure IP-over-ATM interfaces • Configure bridged Ethernet interfaces • Configure PPP-over-ATM interfaces • Configure PPP-over-Ethernet interfaces • Configure dynamic interfaces; • Configure L2TP • Troubleshoot connectivity issues • Configure fundamental policy management • Describe E-series router system administration tasks Prerequisites Knowledge of IP in an ISP environment and the Introduction to Juniper Routers-E-series course.


60

866-646-9211

[email protected]


E-Series Routing Protocols (CIRCUIT)

T

his course is designed to provide technical network professionals with the skills they need to be able to successfully install, configure, and troubleshoot the E-series router in a dedicated access network running various routing protocols. The course covers the fundamentals of PPP, POS, ATM, VLANs, OSPF, IS-IS, BGP4 as well as E-series system administration. The course consists of over 50% hands-on exercises. Intended Audience This course is intended for technical network professionals responsible for the integration, configuration, and management of E-series router networks.


Objectives After successfully completing this course, you should be able to: • Configure PPP, POS, Ethernet, ATM, and VLAN interfaces on the E-series router • Configure the E-series router for OSPF • Configure the E-series router for IS-IS • Configure the E-series router for BGP • Describe fundamental E-series system administration tasks Prerequisites nowledge of IP in an ISP environment and the Introduction to Juniper Networks Routers-E-series course.


866-646-9211

[email protected]


61

IIDP Implementing Intrusion Detection and Prevention Products

D

iscuss the configuration of Juniper Intrusion Detection and Prevention (IDP) sensors in a typical network environment. Key topics include sensor configuration, creating and fine-tuning security policies, managing attack objects, creating custom signatures, and troubleshooting. This course is based upon IDP software version 4.1 and Security Manager 2007.3. Through demonstrations and hands-on labs, students will gain experience in configuring, testing, and troubleshooting the IDP sensor. Objectives • Deploy an IDP sensor on the network • Monitor and understand IDP logs • Configure, install, and fine-tune IDP policies • Configure the Profiler • Troubleshoot sensor problems • Create custom signature attack objects • Configure sensors for high availability using third-party devices.


62

Intended Audience • Network engineers • Support personnel • Reseller support • Other individuals responsible for implementing Juniper Networks IDP products

Length of Class: 3 Days Level: Introductory Tuition: $2500

Prerequisites This course assumes that students have basic networking knowledge and experience in the following areas: • Understanding of TCP/IP operation • Understanding of network security concepts • Experience in network security administration • Experience in UNIX system administration


866-646-9211


[email protected]


IFVH Integrating Juniper Firewall/IP Sec VPN Products into High Performance Networks

T

his course focuses on the ScreenOS features that are typically necessary in large-scale networks, including dynamic routing, virtual systems, traffic shaping, and high availability. Upon completing this course, students should be able to successfully install and configure ScreenOS devices. Students should also be able to verify that a ScreenOS device is interoperating in the network as desired. Through demonstrations and hands-on labs, students gain experience in configuring, testing, and troubleshooting these advanced features of ScreenOS software.

Intended Audience • Network engineers • Network support personnel • Reseller support personnel Prerequisites Completion of the Configuring Juniper Networks Firewall/IPsec VPN Products (CJFV) course (P 59) or equivalent product experience; and general networking knowledge, including and understanding of Ethernet, TCP/IP, and routing concepts


Objectives After successfully completing this course, you should be able to: • Configure virtual systems, including standard, IP-based, and transparent mode • Configure dynamic routing protocols, including OSPF and Border Gateway Protocol (BGP) • Configure multicast operations, including Internet Group Management Protocol (IGMP) and Protocol Independent Multicast—Sparse Mode (PIM-SM) • Configure high availability in both static routing and dynamic routing environments • Configure traffic shaping features • Verify operations and troubleshoot all previous configurations


866-646-9211

[email protected]


63

Introduction to Juniper Networks Routers -E-Series (ERX)

T

This course is a required prerequisite for:

his course provides an introduction to the E-series router platforms, including the E320 router. The course covers E-series router features, applications, and hardware architecture. It gives an overview of using the E-series command-line interface (CLI), including user modes, CLI shortcuts, the file system, and file manipulation. The course teaches students how to use the CLI to perform basic router administration tasks and how to perform a basic configuration of an E-series router. The course also introduces the concept of virtual routers and discusses the basics of virtual router configuration. Prerequisites Students attending this course should have a general knowledge of the Internet Protocol, including addressing. Students should also have a basic understanding of the OSI model, including the roles played by layers 1-4. Familiarity with common TCP and UDP protocols, such as Telnet and FTP, is helpful.


64

• E-series Routing Protocols • E-series Broadband Remote Access Server Configuration Basics Objectives After successfully completing this course, you should be able to: • Describe the E-series router features and applications in both a B-RAS and dedicated access environment • Describe the E-series router hardware architecture • Describe the configuration options available for E-series hardware platforms • List the different CLI user modes; • Describe the file system used on E-series routers • Use the CLI to manipulate files, to reload E-series router, and to perform basic troubleshooting • Use the CLI to configure the E-series platforms for basic IP connectivity • Perform basic virtual router configuration and management tasks.

866-646-9211

Length of Class: 1 Day Level: Introductory Tuition: $600 How to Register: - Call Toll-Free 866-646-9211 - [email protected] - www.milestonesystems.com/training See www.milestonesystems.com/ training for the most current class schedules & locations. Intended Audience This course is intended for network professionals, managers, and anyone needing an overview of the E-series router.

[email protected]


Introduction to Juniper Networks Wireless LANs (IJWL)

T

he course describes the WLS system architecture and a project framework for planning a WLS system deployment. It covers the Radio Frequency (RF) planning capabilities of the RingMaster software and basic wireless LAN controller (WLC) configuration through the commandline interface (CLI). The course then moves on to describe system and service configuration using RingMaster. The course also describes a secure, enterprise-grade employee service in detail and introduces other service options (such as a Web portal login). Integration issues with the back-end authentication, authorization, and accounting (AAA), Domain Name System (DNS), and Dynamic Host Configuration Protocol (DHCP) servers are examined, and the monitoring, management and reporting capabilities of the RingMaster software are also described. Intended Audience The course is designed to give field and support engineers a high level of technical competence with the Juniper Networks WLS products.

Objectives • Identify the various hardware and software components of the WLS system and describe the system capabilities and architecture • Effectively use the RingMaster management console to plan, deploy, configure, manage, monitor, and report on a WLS system • Describe the requirements for a secure, Enterprise-grade wireless LAN system and configure secure services • Work with domains and clusters to ensure campus-wide seamless roaming on the wireless LAN and provide industry-leading system resilience • Effectively troubleshoot a WLS system deployment and user connectivity to the wireless LAN segment • Scale the management of the system using the RingMaster console and its policy configuration capabilities • Navigate the CLI and be familiar with some important command line utilities • Describe integration issues with the corporate AAA, DHCP, and DNS environments.

Length of Class: 4 Days Level: Intermediate Course Type: Classroom Tuition: $2800 How to Register: - Call Toll-Free 866-646-9211 - [email protected] - www.milestonesystems.com/training See www.milestonesystems.com/ training for the most current class schedules & locations.

Prerequisites Students should have intermediatelevel networking knowledge and an understanding of the Open Systems Interconnection (OSI) model and the TCP/IP protocol suite. Students should also have a good understanding of 802.11 wireless LAN fundamentals and be familiar with AAA concepts and RADIUS. Students should also attend both the Juniper Networks Networking Fundamentals and the Juniper Networks WLAN Fundamentals courses (or possess equivalent knowledge) prior to attending this class.

This course is a 4-day CLASSROOM, instructor-led technical training course on the Juniper Networks Wireless LAN Services (WLS) system. The course includes an overview of the full range of Juniper hardware and software products, and their capabilities and features. The course uses a combination of lecture as well as practical and group exercises to ensure a high level of hands-on experience with the Juniper Networks WLS system components.


866-646-9211

[email protected]


65

WHY Secure Email with Cisco IronPort Appliances?

H

ave you yet discovered the email security appliances with astonishing performance, multi-layer protection, and best-of-breed options? It’s the Cisco IronPort® -- providing innovation for those faced with the monumental task of managing, protecting, and growing missioncritical email systems. It protects your network from within. You control access to networks, servers and applications based on health, machine and user identities while the Cisco IronPort appliance reports all successful access attempts. Cisco IronPort Email Security Appliances protect against messaging threats. They’re easy to manage, flexible, and provide details about content -- both entering and leaving your email system. IronPort appliances are in production at 8 of the 10 largest ISPs and more than 20% of the world’s largest enterprises! These industry-leading systems have a demonstrated record of unparalleled

“We had to fight with our previous system, which constantly crashed and lost customer emails. We’ve not had a single incident with the Cisco IronPort solution since it was installed over a year ago. It’s just a great product.” --Rick Kerr, Broadband Network and Data Services Supervisor, Panhandle Telephone Cooperative, Inc.

performance and reliability.

IronPort Anti-Spam features.

IronPort email security appliances combine antispam, antivirus, encryption, digital rights management, and archiving technologies running on IronPort’s MTA platform. The appliances also provide encryption capabilities, enabling the comprehensive functionality necessary to protect even the most complex enterprise environments.

Cisco IronPort Outbreak Filters are paired with fully integrated traditional antivirus technology and patentpending anti-targeted attack protection to ensure users are protected from the industry’s more malicious attacks.

By reducing the downtime associated with spam, viruses, and blended threats, IronPort email security appliances vastly improve the administration of corporate email systems, reduce the burden on technical staff, and provide constant state-of-the-art network protection. IronPort email security appliances provide a multilayer approach to stopping email-based threats:

Cisco Data Loss Prevention technology provides a broad set of tools to enforce regulatory compliance and acceptable use policies, accurately and efficiently. Cisco IronPort PXE encryption technology fulfills secure messaging, compliance, and regulatory requirements. Milestone Systems is proud to be an authorized integrator of IronPort email security devices, as well as an Authorized Training Center. Call us for more to start your discussion on improving your email security.

For spam protection, email and web reputation filtering technology is combined with industry-leading Cisco


66

866-646-9211

[email protected]


Securing Your Email with Cisco IronPort S-Series

I

Who Should Attend

n-depth, instructor-led training class for Cisco IronPort users. The course includes hands-on labs, demos, and presentations by experienced instructors to help students learn technical aspects of the S-Series Web Security Appliances. In 2 days, learn how to install, configure, operate and maintain the IronPort S-Series.

Topics Covered

• HTTP and HTTPS proxy services • L4 traffic monitoring • Authentication and web access control • URL filtering • Anti-malware filtering • Troubleshooting S-Series configuration issues • S-Series deployment Extensive lab exercises provide critical hands-on product experience. The live lab facilities provide a safe environment in which to experiment with malware and to try configurations that might not be appropriate for a production network. By the end of this course, the student should be able to install, operate and maintain the IronPort S-Series appliances.

• Security Architects and System Designers • Network Administrators and Operations Engineers • Network or Security Managers responsible for web security • To fully benefit from this class, the student should already have: • A basic understanding of TCP/IP services, including DNS, SSH, FTP, NTP and SNMP. • A basic understanding of IP routing. • Familiarity with HTTP and HTTPS, including an understanding of webserver and browser administration and operation. It is helpful but not mandatory that attendees have experience with IronPort Email Security Appliances.

Length of Class: 2 Days Time: 8:30 am to 4:30 pm Tuition: $1995 We accept Cisco & IronPort Learning Credits Live Instructor Format Options: (1) Classroom at a Milestone Training Facility (2) On-site at your facility (3) Virtual, instructor-led How to Register: - Call Toll-Free 866-646-9211 - [email protected] - www.milestonesystems.com/training See www.milestonesystems.com/training for the most current class schedules & locations.

Product and Malware Overview • Overview of S-Series • Key Features • Malware threats

L4TM Overview & Setup • L4TM Options • Lab Connections Web Proxy & Caching & HTTPS Inspection • How Policies are Assigned • Configure and Debug Proxy • HTTPS Overview

Web Reputation Filtering • WBRS Overview

Anti-Malware • • • •

DVS Overview Webroot Overview MacAfee Scanning Overview Working with Webroot and McAfee

Web Security Manager

• • • •

L4TM Policies Configuring Web Security Manager Configuring the HTTPS Proxy Service Use Case Scenarios

System Administration & Troubleshooting • Ports and Tools • Logs, Alerts, CLI, SNMP • Monitoring

Other Deployment Scenarios • Transparent Proxy Mode • Deployment Life Cycle • Multi-Appliance Deployment

• Access Control Overview


866-646-9211

[email protected]


67

Securing Your Email with Cisco IronPort C-Series

T

his comprehensive 3-day class covers almost everything you’ll need to know about your Cisco IronPort C-Series email security appliances -- including installation, configuration, administration, management, and troubleshooting. Advanced Internet email concepts are also be covered, as well as an overview of product features that can be used for more customized configurations.

Topics Covered (See Syllabus on next page)

• How to administrate with “best practices” for configuration, operation. • How to manage, monitor, and troubleshoot the flow of email through Cisco IronPort email security appliances. • How to configure access control policies to eliminate threats at the perimeter, based on the identity and trustworthiness of the sender. • How to create content filters to implement and enforce corporate email policies. • How to configure IronPort email security appliances to detect and handle unwanted spam and viruses. • How to manage the spam quarantine, both on the C-Series and M-Series appliances. • How to use Cisco IronPort’s reputation-based services, SenderBase and Virus Outbreak Filters, to increase the security of your email network. • How to use Message Tracking and Reporting to document email traffic trends, both on the C-Series and M-Series. • How to set delivery parameters for outgoing mail. • Integrating with a directory server via LDAP • Debugging of LDAP integration issues


68

• Using message filters to redirect and modify messages • Safe deployment and debugging of message filters • Email Authentication with DKIM (Domain Key Identified Mail) and SPF (Sender Profile Framework) • • To fully benefit from this class, the student should already have: • At least a moderate knowledge of TCP/IP fundamentals, including IP addressing and sub-netting, static IP routing and DNS. • Experience with Internet-based messaging, including SMTP, Internet message formats, and MIME message format. • Familiarity with command line interface (CLI) and graphical user interface (GUI). • Previous experience with email security is helpful. • Who Should Attend • Enterprise messaging managers and system administrators • Email system designers and architects • Network managers responsible for messaging implementation

866-646-9211

Length of Class: 3 Days Time: 8:30 am to 4:30 pm Tuition: $2750 We accept Cisco & IronPort Learning Credits Live Instructor Format Options: (1) Classroom at a Milestone Training Facility (2) On-site at your facility (3) Virtual, instructor-led How to Register: - Call Toll-Free 866-646-9211 - [email protected] - www.milestonesystems.com/training See www.milestonesystems.com/training for the most current class schedules & locations.

[email protected]


(Continued from previous page)

SYLLABUS Introduction & System Overview • List IronPort Email Security Appliances • Describe the ESA Hardware Options • Describe the Email Pipeline Filters • List the ESA Feature Key Options • Describe the Operation of a Listener Tracking and Reporting Messages • Perform a system installation of an M-Series • Integrate the M-Series into the existing C-Series lab. • Use local and Centralized Message Tracking • Use Local and Centralized Reporting Controlling Sender & Recipient Domains • Configure public and private listeners • Configure SMTP Routes • Use Senderbase Reputation Scores (SBRS) to manage mail • Use Mail Debugging Tools Controlling Spam with SenderBase & Anti-Spam • Adjust SBRS • Configure Anti-Spam Settings • Configure the IronPort Spam Quarantine • Use the Security Management Appliance for Off Box Quarantining • Module 5 - Using Anti-Virus & Virus Outbreak Filters • Enable one or both Anti-Virus Engines • Use one or both AV Engines in Mail Policies • Use Virus Outbreak Filters to preemptively drop traffic and provide zero-hour protection • Identify best practices for managing IronPort Anti-Virus


Using Mail Policies to Direct Business Email • Use Email Security Manager • Create a User-Based Mail Policies • Use Message Tracking to monitor message splintering Using System Quarantines and Delivery Methods • Describe, create and manage quarantines • Perform searches quarantine contents • Assign Bounce Profiles • Create Virtual Gateways Using Content Filters for Specific Business Needs • Describe content scanning • Detect password-protected / nonprotected attachments • Create weighted content matching • Use Smart Identifiers • Implement Matched Content Visibility • Execute best practices when staging new filters Encrypting Outbound Email • Provision with the Cisco Registered Envelope Service • Associate a content filtering rule with an encrypt action • Register a CRES Envelope Recipient Troubleshooting • Identify Issues • Diagnose and Isolate Problems • Troubleshooting tools and best practices • Log file contents and log administration

866-646-9211

System Administration • Safely upgrade software on your IronPort • Manage users and control alerting behavior • Manage configurations and prepare for disaster recovery • Access Customer Support The 3rd day is composed of lectures and hands-on labs. Configuring LDAP Queries Common Lightweight Directory Access Protocol (LDAP) configurations and issues. Cse studies highlight various installation choices, including addressing the use of the ESA against multiple directories in a heterogeneous enterprise. Message Filters (Advanced Policy) Advanced filter options. Helpful tips and tricks for both Message and Content filters. Extensive hands-on exercises are designed to give the students practice working with the CLI, as well as practical experience troubleshooting and examining logs. Email Authentication Introduces Domain Keys Identified Mail and Sender Profile Framework, their role in Email Authentication and the issues of configuring it on the IronPort Appliance. Helpful examples and laboratories are provided to introduce the user to practical implementations.

[email protected]


69

Security Administration R76 Gaia

T

his course provides an understanding of the basic concepts and skills necessary to configure Check Point Security Gateway and Management Software Blades. During this course you will configure a Security Policy and learn about managing and monitoring a secure network, upgrading and configuring a Security Gateway and implementing a virtual private network. What You’ll Learn • Introduction to Check Point Technology • Deployment Platforms • Introduction to the Security Policy • Monitoring Traffic and Connections • Using SmartUpdate • User Management and Authentication • Identity Awareness • Introduction to Check Point VPNs


70

Who Needs to Attend Technical professionals who support, install, deploy or administer Check Point Software Blades. • System Administrators • Support Analysts • Security Managers • Network Engineers • Anyone seeking CCSA certification Prerequisites Students should have general knowledge of TCP/IP, and working knowledge of Windows, UNIX, network technology and the internet. Labs • Distributed Installations • Stand-alone Security Gateway Installations • Common Tools • Building a Security Policy • Configure the DMZ • Configure NAT • Monitor with SmartView Tracker • Client Authentication • Identity Awareness • Site-to-Site VPN between corporate and branch office

866-646-9211

Length of Class: 3 Days Tuition: $2995 Live Instructor Format Options: (1) Classroom at a Milestone Training Facility (2) On-site at your facility (3) Virtual, instructor-led How to Register: - Call Toll-Free 866-646-9211 - [email protected] - www.milestonesystems.com/training See www.milestonesystems.com/ training for the most current class schedules & locations. This course helps prepare you for CCSA exam #156-215.13 available at VUE test centers www.vue.com/checkpoint. It contains 90 multiple-choice, scenariobased questions. A passing score is 70% or higher in 120 minutes. The exam is based on 80% course materials and 20% hands-on experience with Check Point products. Students should have at least 6 months experience with Check Point products before challenging the exam.

[email protected]


Security Engineering R76 Gaia

Y

ou will gather advanced explanation and techniques for troubleshooting Check Point firewall technology along with several advanced upgrading concepts and practices. This course is designed for expert users and resellers who need to perform advanced deployment configurations of security gateway. Course Outline • Perform a backup of a Security Gateway and Management Server using your understanding of the differences between backups, snapshots and update-exports • Upgrade and troubleshoot a Management Server using a database migration • Upgrade and troubleshoot a clustered Security Gateway deployment • Use knowledge of Security Gateway infrastructures, chain modules, packet flow and kernel tables to perform debugs on firewall processes • Build, test and troubleshoot a ClusterXL Load Sharing deployment on an enterprise network • Build, test and troubleshoot a ClusterXL High Availability deployment on an enterprise network • Build, test and troubleshoot a management HA deployment on an enterprise network • Configure, maintain and troubleshoot SecureXL and CoreXL acceleration solutions on the corporate network traffic to ensure noted performance enhancement • Using an external user database such as LDAP, configure User Directory to incorporate user information for authentication services on the network • Manage internal and external user access to resources for Remote Access or across a VPN


• Troubleshoot user access issues found when implementing Identity Awareness • Troubleshoot a site-to-site or certificate-based VPN on a corporate gateway using IKE View, VPN log files and command-line debug tools • Optimize VPN performance and availability by using Link Selection and Multiple Entry Point solutions • Manage and test corporate VPN tunnels to allow for greater monitoring and scalability with multiple tunnels defined in a community including other VPN providers • Create events or use existing event definitions to generate reports on specific network traffic using SmartReporter and SmartEvent to provide industry compliance information to management • Troubleshoot report generation given command-line tools and debug-file information Labs • Upgrade to Check Point R76 • Core CLI elements of firewall administration • Migrate to a clustering solution • Configure SmartDashboard to interface with Active Directory • Configure site-to-site VPNS with thirdparty certificates • Remote access with Endpoint Security VPN • SmartEvent and SmartReporter Who Should Attend • System Administrators • Support Analysts • Network Engineers • Anyone seeking CCSE certification

866-646-9211

Length of Class: 3 Days Tuition: $2995 Live Instructor Format Options: (1) Classroom at a Milestone Training Facility (2) On-site at your facility (3) Virtual, instructor-led How to Register: - Call Toll-Free 866-646-9211 - [email protected] - www.milestonesystems.com/training See www.milestonesystems.com/ training for the most current class schedules & locations. This course helps prepare for CCSE exam #156-315.13 available at VUE test centers www.vue.com/checkpoint. It contains 90 multiple-choice, scenariobased questions. A passing score is 70% or higher in 120 minutes. The exam is based on 80% course materials and 20% hands-on experience with Check Point products. Students must have a valid CCSA certification before challenging the CCSE exam.

Prerequisites Successful completion of this course depends on knowledge of multiple disciplines related to network-security activities including UNIX and Windows operating systems, Certificate management, system administration, networking (TCP/IP) knowledge, and Check Point Security Administration course/CCSA Certification.

[email protected]


71