we mean security nexum training course...

Nexum Training Course CatalogWe Mean Security

AUTHORIZED TRAIN ING CENTER

AUTHORIZEDTRAINING CENTER

We Mean Security

Nexum Training Course CatalogTable of ContentsJuNiper

Configuring Juniper Networks Secure Access (CJSA) . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4

Advanced Juniper Networks Secure Access (AJSA) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .5

Configuring Juniper Networks Firewall/IPSec VPN Products (CJFV) . . . . . . . . . . . . . . . . .6

Network and Security Manager Fundamentals (NSMF) . . . . . . . . . . . . . . . . . . . . . . . . . . .7

Introduction to the Junos Operating System (IJOS) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .8

Junos Routing Essentials (JRE) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9

Junos Intermediate Routing (JIR) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10

Junos Enterprise Switching (JEX) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11

Advanced Junos Enterprise Switching (AJEX) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12

JNCIS Routing Foundation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13

JNCIS Switching Foundation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14

Juniper SRX Bootcamp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15

Junos Intrusion Prevention System Functionality (JIPS) . . . . . . . . . . . . . . . . . . . . . . . . . . 16

Configuring Unified Access Control (CUAC) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17

Integrating Firewalls and VPNs into High-Performance Networks (IFVH) . . . . . . . . . . . 18

Operating Juniper Networks WX Application Acceleration Platforms (OJWX) . . . . . . 19

Advanced Juniper Networks IPSec VPN Implementations (AJVI) . . . . . . . . . . . . . . . . . . 20

Attack Prevention with Juniper Networks Firewalls (APJF) . . . . . . . . . . . . . . . . . . . . . . 21

F5

BIG-IP® Local Traffic Manager (LTM™) - Essentials v10.2 . . . . . . . . . . . . . . . . . . . . . . . . 22

BIG-IP® Local Traffic Manager (LTM™) - Advanced Topics v10.2 . . . . . . . . . . . . . . . . . . . 23

Troubleshooting BIG-IP® Local Traffic Manager (LTM™) . . . . . . . . . . . . . . . . . . . . . . . . . 24

BIG-IP® Global Traffic Manager (GTM™) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25

BIG-IP® Application Security Manager (ASM™) v10.x . . . . . . . . . . . . . . . . . . . . . . . . . . . 26

BIG-IP® WebAccelerator™ Module . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27

FirePass® v6.x . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28

BIG-IP® Edge Gateway Access Policy Manager (APM) . . . . . . . . . . . . . . . . . . . . . . . . . . . 29

Configuring BIG-IP® with iRules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30

CHECk POINT

Security Administrator R71 (CCSA R71) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31

Security Administrator R71 Upgrade (CCSA R71 Upgrade) . . . . . . . . . . . . . . . . . . . . . . 32

Security Expert R71 (CCSE R71) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33

Security Expert R71 Upgrade (CCSE R71 Upgrade) . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34

Multi-Domain Management with Check Point Provider-1 R70 . . . . . . . . . . . . . . . . . . . . 35

BLUE COAT

Certified ProxySG Administrator (BCCPA) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 36

Certified ProxySG Professional (BCCPP) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37

Certified WAN Acceleration Administrator (BCWAA) . . . . . . . . . . . . . . . . . . . . . . . . . 38

Certified WAN Acceleration Professional (BCWAP) . . . . . . . . . . . . . . . . . . . . . . . . . . . 39

We Mean Security

Nexum TrainingTerms and ConditionsThe student(s) enrolled in a Nexum training class may retake the same class once within 12 months of the original attended class at no additional charge. Note: If the courseware has changed due to a new feature pack release, the student will be responsible for the purchase cost of the new material.

Student / Enrollee CancellationAll enrollees are obligated to follow Nexum’s standard enrollee cancellation and rescheduling policy: Should one need to reschedule or cancel any student’s participation, the enrollee must provide written notification to Nexum at least seven (7) business days in advance of the course date. Cancellations failing to meet that deadline, and which occur within seven (7) business days of the class will still be charged for 25% of the course tuition, and within three (3) days, 50% of the course tuition. No-shows or cancellations on the day of or day prior to the course are subject to the FULL course tuition. Rescheduled enrollees are also responsible for the purchase of new courseware due to any courseware Feature Pack releases that occur prior to the rescheduled date for the missed class.

Nexum CancellationNexum Cancellation Policy: Whenever possible, Nexum, Inc. will give at least two weeks’ notice if a class must be canceled or rescheduled. In the unlikely event of a canceled class, payments to date will be refunded or credited to a future class. If rescheduled dates are not suitable, Nexum’s liability shall be limited to a refund of the tuition fees paid for the affected course.

Please contact Nexum Training at (312) 726-6900. or [email protected].

Prices on our website are subject to change - prices based upon total purchase - we specifically disclaim any and all warranties, express or implied, including but not limited to any implied warranties of merchantability or fitness of purpose or those with regard to any licensed products. Nexum shall not be liable for any loss of profits, business, goodwill, data, interruption of business, nor for incidental or consequential damages related to this agreement .

www.nexuminc.com

We Mean Security

4 Juniper CJSAConfiguring Juniper Networks Secure AccessLeNgTh: 2 DAyS CoST: $2,000

CourSe overviewThis two-day course discusses the configuration of Secure Access (SA) products in a typical network environment. key topics include SSL access technologies, basic implementation, and configuration and management options. Through demonstrations and hands-on labs, students will gain experience in configuring, testing, and troubleshooting basic facets of the SA products.

obJeCTiveSAfter successfully completing this course, you should be able to deploy the SA products to support common environments. Specific topics include the following:

CourSe CoNTeNTSDay 1Chapter 1: Course IntroductionChapter 2: Products and Features Chapter 3: Technology and TerminologyChapter 4: Initial ConfigurationChapter 5: User RolesChapter 6: Logging and TroubleshootingDay 2Chapter 7: Resource PoliciesChapter 8: Servers for AuthenticationChapter 9: Client and Server ApplicationsChapter 10: Endpoint Security

www.nexuminc.com/training/juniper/cjsa

• Introduction to the SA platform • Introduction to Secure Sockets Layer (SSL) Protocol and Public key Infrastructure (PkI) • Typical deployment scenarios • SA Terminology • Roles • Role Restrictions • Realms • Resource Policies • Sign-in Policies • Authentication Servers - Local - Lightweight Directory Access Protocol (LDAP) - RADIUS (including two-factor) - NT - Network Information Service (NIS)

• Authentication Policies • Host Checker • Cache Cleaner • Client/Server Support - J-SAM - W-SAM - Network Connect • Troubleshooting

iNTeNDeD AuDieNCeThis course is intended for network engineers, support personnel, reseller support, and anyone responsible for implementing SA products.

PrerequiSiTeSThis course assumes that students have moderate background in internetworking basics, security concepts, network administration, and application support.

www.nexuminc.com

We Mean Security

5 Juniper AJSAAdvanced Juniper Networks Secure AccessLeNgTh: 2 DAyS CoST: $2,000 CourSe overviewThis two-day course discusses the advanced configuration of Secure Access (SA) products. key topics include PkI support, additional authentication and authorization servers, complex policies, customization, virtual systems, high availability, and Secure Meeting. Through demonstrations and hands-on labs, students will gain experience in configuring, testing, and troubleshooting advanced features of the SA products.

obJeCTiveSAfter successfully completing this course, you should be able to deploy the SA products to support common environments. Specific topics include the following:

CourSe CoNTeNTSDay 1Chapter 1: Course IntroductionChapter 2: ReviewChapter 3: Authentication OptionsChapter 4: CertificatesChapter 5: Complex Policies Chapter 6: Client and ServerDay 2Chapter 7: AdministrationChapter 8: Juniper Endpoint Defense InitiativeChapter 9: Instant Virtual Systems Chapter 10: ClusteringChapter 11: Secure Meeting

www.nexuminc.com/training/juniper/ajsa

• Advanced Access Management - Public key Infrastructure (PkI) support - Certificate Revocation Lists (CRL) - Virtual Hosting - Single Sign On (SSO) • Advanced Authentication - Certificate - Anonymous - Netegrity - SAML • Advanced Policies

- Rewriting Policies - Authentication Policies - Role Mapping - Resource Policies • Password Management • Administrative Delegation • Custom User Interface (UI) • Clustering • Instant Virtual Systems (IVS) • Secure Meeting

iNTeNDeD AuDieNCeThe target audience includes network engineers, support personnel, reseller support, and anyone responsible for implementing SA products.

PrerequiSiTeSThis course assumes that students have successfully attended the Configuring Juniper Networks Secure Access (CJSA) course or have equivalent experience with the Juniper Networks Secure Access products. Specifically, students must be familiar with the configuration of the following:• Roles• Realms• Resource Policies• Authentication Servers

www.nexuminc.com

We Mean Security

6 Juniper CJFvConfiguring Juniper Networks Firewall/IPSec VPN ProductsLeNgTh: 3 DAyS CoST: $2,500 CourSe overviewThis course is the first in the ScreenOS curriculum. It is a three-day, instructor-led course that focuses on configuration of the Juniper Networks Firewall / VPN products in a variety of situations, including basic administrative access, routing, firewall policies and policy options, attack prevention features, address translation, and VPN implementations. The course combines both lecture and labs, with significant time allocated for hands-on experience. Students completing this course should be confident in their ability to configure Juniper Networks firewall/VPN products in a wide range of installations.

obJeCTiveSAfter successfully completing this course, you should be able to:• Explain the Juniper Networks security architecture• Configure administrative access and options• Back up and restore configuration and ScreenOS files • Configure a Juniper Networks device in transparent, route, and NAT modes• Discuss the applications of multiple virtual routers

• Configure the Juniper Networks firewall to permit and deny traffic based on user defined policies• Configure advanced policy options• Identify and configure network designs for various types of network address translation• Configure policy-based and route-based VPN tunnels

iNTeNDeD AuDieNCeThis course is intended for network engineers, support personnel, reseller support, and others responsible for implementing Juniper Networks firewall products.

PrerequiSiTeSThis course assumes that students have basic networking knowledge and experience in the following areas:• The Internet• Networking concepts• Terms including TCP/IP, bridging, switching, and routing

CourSe CoNTeNTSDay 1Chapter 1: Course IntroductionChapter 2: ScreenOS Concepts, Terminology, and PlatformsChapter 3: Initial ConnectivityChapter 4: Device ManagementDay 2Chapter 5: Layer 3 OperationsChapter 6: Basic Policy ConfigurationChapter 7: Policy OptionsChapter 8: Address TranslationDay 3Chapter 9: Transparent Mode (Optional)Chapter 10: VPN ConceptsChapter 11: Policy-Based VPNsChapter 12: Route-Based VPNs

www.nexuminc.com/training/juniper/cjfv

www.nexuminc.com

We Mean Security

7 Juniper NSMFJuniper Networks Network and Security Manager FundamentalsLeNgTh: 2 DAyS CoST: $2,000

CourSe overviewThis two-day course discusses the basic operations of Network and Security Manager. key topics include server and domain administration, device configuration, template creation and management, policy creation and management, logging, and report generation. Through demonstrations and hands-on labs, students gain experience in configuring, testing, and troubleshooting features of Network and Security Manager.

obJeCTiveSAfter successfully completing this course, you should be able to:• Explain Security Manager concepts and terminology• Set up and administer Security Manager servers • Configure domains and administrators• Add devices using modeling and importing• Work with objects and templates

• Configure policies• Perform routine device management tasks• Work with logs and reports• Configure VPNs with the VPN Manager tool

CourSe CoNTeNTSDay 1Chapter 1: Course IntroductionChapter 2: Security Manager ConceptsChapter 3: Server AdministrationChapter 4: Domains and AdministratorsChapter 5: Adding DevicesChapter 6: Abstraction—Objects and TemplatesDay 2Chapter 7: Abstraction—PoliciesChapter 8: Managing DevicesChapter 9: Logging, Reporting and MonitoringChapter 10: Central ManagerChapter 11: Virtual Private Networks

www.nexuminc.com/training/juniper/nsmf

iNTeNDeD AuDieNCeThis course is intended for network engineers, network support personnel, reseller support personnel, and anyone else needing a working knowledge of Security Manager.

PrerequiSiTeSThis course assumes that students have basic networking knowledge and experience in the following areas:• Ethernet• TCP/IP• Routing

www.nexuminc.com

We Mean Security

8 Juniper iJoSIntroduction to the Junos Operating SystemLeNgTh: 1 DAy CoST: $700

CourSe overviewThis one-day course provides students with the foundational knowledge required to work with the Junos operating system and to configure Junos devices. The course provides a brief overview of the Junos device families and discusses the key architectural components of the software. key topics include user interface options with a heavy focus on the command-line interface (CLI), configuration tasks typically associated with the initial setup of devices, interface configuration basics with configuration examples, secondary system configuration, and the basics of operational monitoring and maintenance of Junos devices. This course is based on Junos OS Release 10.3R1.9. Through demonstrations and hands-on labs, students will gain experience in

configuring and monitoring the Junos OS and monitoring basic device operations.

obJeCTiveSAfter successfully completing this course, you should be able to:• Describe the basic design architecture of the Junos OS• Identify and provide a brief overview of Junos devices• Navigate within the Junos CLI• Perform tasks within the CLI operational and configuration modes• Restore a Junos device to its factory-default state• Perform initial configuration tasks• Configure and monitor network interfaces• Describe user configuration and authentication options• Perform secondary configuration tasks for features and services such as system logging (syslog) and tracing, Network Time Protocol (NTP), configuration archival, and SNMP• Monitor basic operation for the Junos OS and devices• Identify and use network utilities• Upgrade the Junos OS• Perform file system maintenance and password recovery on a Junos device• Navigate within the Junos J-Web interface

www.nexuminc.com/training/juniper/ijos

iNTeNDeD AuDieNCeThis course benefits individuals responsible for configuring and monitoring devices running the Junos OS.

PrerequiSiTeSStudents should have basic networking knowledge and an understanding of the Open Systems Interconnection (OSI) reference model and the TCP/IP protocol suite.

CourSe CoNTeNTSDay 1Chapter 1: Course IntroductionChapter 2: Junos Operating System FundamentalsChapter 3: User Interface OptionsChapter 4: Initial ConfigurationChapter 5: Secondary System ConfigurationChapter 6: Operational Monitoring and Maintenance

www.nexuminc.com

We Mean Security

9 Juniper JreJunos routing essentialsLeNgTh: 1 DAy CoST: $700

CourSe overviewThis one-day course provides students with foundational routing knowledge and configuration examples and includes an overview of general routing concepts, routing policy and firewall filters, and class of service (CoS). This course is based on Junos operating system Release 10.3R1.9. Through demonstrations and hands-on labs, students will gain experience in configuring and monitoring the Junos OS and monitoring basic device operations.

obJeCTiveSAfter successfully completing this course, you should be able to:• Explain basic routing operations and concepts• View and describe routing and forwarding tables• Configure and monitor static routing• Configure and monitor OSPF• Describe the framework for routing policy and firewall filters• Explain the evaluation of routing policy and firewall filters• Identify instances where you might use routing policy• Write and apply a routing policy• Identify instances where you might use firewall filters• Write and apply a firewall filter• Describe the operation and configuration for unicast reverse path forwarding (RPF)• Explain the purpose and benefits of CoS• List and explain the various components of CoS• Implement and verify proper operation of CoSiNTeNDeD AuDieNCeThis course benefits individuals responsible for configuring and monitoring devices running the Junos OS.

PrerequiSiTeSStudents should have basic networking knowledge and an understanding of the Open Systems Interconnection (OSI) reference model and the TCP/IP protocol suite. Students should also attend the Introduction to the Junos Operating System (IJOS) course prior to attending this class.

CourSe CoNTeNTSDay 1Chapter 1: Course IntroductionChapter 2: Routing FundamentalsChapter 3: Routing Policy and Firewall FiltersChapter 4: Class of Service

www.nexuminc.com/training/juniper/jre

www.nexuminc.com

We Mean Security

10 Juniper JirJunos intermediate routingLeNgTh: 2 DAyS CoST: $1,400

CourSe overviewThis two-day course provides students with intermediate routing knowledge and configuration examples. The course includes an overview of protocol-independent routing features, load balancing and filter-based forwarding, OSPF, BGP, IP tunneling, and high availability (HA) features. This course is based on the Junos operating system Release 10.1R1.8. Through demonstrations and hands-on labs, students will gain experience in configuring and monitoring the Junos OS and monitoring device operations.

obJeCTiveSAfter successfully completing this course, you should be able to:• Describe typical uses of static, aggregate, and generated routes• Configure and monitor static, aggregate, and generated routes• Explain the purpose of Martian routes and add new entries to the default list• Describe typical uses of routing instances• Configure and share routes between routing instances• Describe load-balancing concepts and operations• Implement and monitor Layer 3 load balancing• Illustrate benefits of filter-based forwarding• Configure and monitor filter-based forwarding• Explain the operations of OSPF• Describe the role of the designated router• List and describe OSPF area types• Configure, monitor, and troubleshoot OSPF• Describe BGP and its basic operations• Name and describe common BGP attributes• List the steps in the BGP route selection algorithm• Describe BGP peering options and the default route advertisement rules• Configure and monitor BGP• Describe IP tunneling concepts and applications• Explain the basic operations of generic routing encapsulation (GRE) and IP over IP (IP-IP) tunnels• Configure and monitor GRE and IP-IP tunnels• Describe various high availability features supported by the Junos OS• Configure and monitor some of the highlighted high availability featuresiNTeNDeD AuDieNCeThis course benefits individuals responsible for configuring and monitoring devices running the Junos OS.

PrerequiSiTeSStudents should have basic networking knowledge and an understanding of the Open Systems Interconnection (OSI) reference model and the TCP/IP protocol suite. Students should also attend the Introduction to Junos Software (IJS) and Junos Routing Essentials (JRE) courses prior to attending this class.CourSe CoNTeNTSDay 1Chapter 1: Course IntroductionChapter 2: Protocol-Independent RoutingChapter 3: Load Balancing and Filter-Based ForwardingChapter 4: Open Shortest Path First

Day 2Chapter 5: Border Gateway ProtocolChapter 6: IP TunnelingChapter 7: High Availability

www.nexuminc.com/training/juniper/jir

www.nexuminc.com

We Mean Security

11 Juniper JeXJunos Enterprise SwitchingLeNgTh: 2 DAyS CoST: $1,400

CourSe overviewJunos Enterprise Switching is a two-day course that provides students with introductory switching knowledge and configuration examples. This course includes an overview of switching concepts and operations, virtual LANs (VLANs), the Spanning Tree Protocol (STP), port and device security features, and high availability (HA) features. This course is based on the Junos operating system Release 10.1R2.8. Through demonstrations and hands-on labs, students will gain experience in configuring and monitoring the Junos OS and in monitoring device operations.

obJeCTiveSAfter successfully completing this course, you should be able to:• List the benefits of implementing switched LANs• Describe transparent bridging concepts and operations• Describe terms and design considerations for switched LANs• List enterprise platforms that support Layer 2 switching• Configure interfaces for Layer 2 switching operations• Display and interpret the Ethernet switching table• Explain the concept of a VLAN• Describe access and trunk port modes• Configure and monitor VLANs• Describe voice VLAN and native VLAN concepts• Explain inter-VLAN routing operations• Configure and monitor inter-VLAN routing• Explain when a spanning tree is required• Describe STP and Rapid Spanning Tree Protocol (RSTP) operations• List some advantages of using RSTP over STP• Configure and monitor RSTP

• Describe the bridge protocol data unit (BPDU), Loop, and Root protection features• Configure and monitor the BPDU, Loop, and Root protection features• List and describe various port security features• Configure and monitor port security features• Describe the storm control feature• Configure and monitor storm control• Describe firewall filter support for EX Series Ethernet Switches• Implement and monitor the effects of a firewall filter• List and describe some features that promote high availability• Configure and monitor high availability features.• Describe the basic concepts and operational details of a virtual chassis.• Implement a virtual chassis with multiple EX4200 switches

iNTeNDeD AuDieNCeThis course benefits individuals responsible for configuring and monitoring EX Series switches.

PrerequiSiTeSStudents should have basic networking knowledge and an understanding of the Open Systems Interconnection (OSI) reference model and the TCP/IP protocol suite. Students should also attend the “Introduction to Junos Software” (IJS) and the “Junos Routing Essentials” (JRE) courses prior to attending this class.

CourSe CoNTeNTSDay 1Chapter 1: Course IntroductionChapter 2: Layer 2 SwitchingChapter 3: Virtual NetworksChapter 4: Spanning TreeDay 2Chapter 5: Border Gateway ProtocolChapter 6: IP TunnelingChapter 7: High Availability

www.nexuminc.com/training/juniper/jex

www.nexuminc.com

We Mean Security

12 Juniper AJeXAdvanced Junos Enterprise SwitchingLeNgTh: 2 DAyS CoST: $1,400

CourSe overviewAdvanced Junos Enterprise Switching is a two-day course that provides detailed coverage of virtual LAN (VLAN) operations, Multiple Spanning Tree Protocol (MSTP) and VLAN Spanning Tree Protocol (VSTP), authentication and access control for Layer 2 networks, IP telephony features, class of service (CoS) and monitoring and troubleshooting tools and features supported on the EX Series Ethernet Switches. Through demonstrations and hands-on labs, students will gain experience in configuring and monitoring the Junos operating system and in monitoring device and protocol operations. This course is based on the Junos OS release 10 .4r3 .4 .

obJeCTiveSAfter successfully completing this course, you should be able to:• Implement filter-based VLAN assignments.• Restrict traffic flow within a VLAN.• Manage dynamic VLAN registration.• Tunnel Layer 2 traffic through Ethernet networks.• Review the purpose and operations of a spanning tree.• Implement multiple spanning-tree instances in a network.• Implement one or more spanning-tree instances for a VLAN.• List the benefits of implementing end-user authentication.• Explain the operations of various access control features.• Configure and monitor various access control features.• Describe processing considerations when multiple authentication and access control features are enabled.

• Describe some common IP telephony deployment scenarios.• Describe features that facilitate IP telephony deployments.• Configure and monitor features used in IP telephony deployments.• Explain the purpose and basic operations of CoS.• Describe CoS features used in Layer 2 networks.• Configure and monitor CoS in a Layer 2 network .• Describe a basic troubleshooting method.• List common issues that disrupt network operations.• Identify tools used in network troubleshooting.• Use available tools to resolve network issues.

iNTeNDeD AuDieNCeThis course benefits individuals responsible for configuring and monitoring EX Series switches.

PrerequiSiTeSStudents should have an intermediate-level of networking knowledge and an understanding of the Open Systems Interconnection (OSI) reference model and the TCP/IP protocol suite. Students should also attend the Introduction to the Junos Operating System (IJOS) course, the Junos Routing Essentials (JRE) course, and the Junos Enterprise Switching (JEX) course prior to attending this class.

CourSe CoNTeNTSDay 1Chapter 1: Course IntroductionChapter 2: Advanced Ethernet SwitchingChapter 3: Advanced Spanning TreeChapter 4: Authentication and Access ControlDay 2Chapter 5: Deploying IP Telephony FeaturesChapter 6: Class of ServiceChapter 7: Monitoring and Troubleshooting Layer 2 Networks

www.nexuminc.com/training/juniper/ajex

www.nexuminc.com

We Mean Security

13 Juniper JNCiS-rJunos JNCiS routing FoundationLeNgTh: 4 DAyS CoST: $2,520

CourSe overviewThis four-day class provides the foundational knowledge required to work with the Junos operating system, specifically focusing on routing knowledge and configuration examples. key topics include user interface options with a heavy focus on the command-line interface (CLI), configuration tasks typically associated with the initial setup of devices, interface configuration basics with configuration examples, secondary system configuration, and the basics of operational monitoring and maintenance of Junos devices. The course also includes an overview of general routing concepts, routing policy and firewall filters, class of service (CoS), protocol-independent routing features, load balancing and filter-based forwarding, OSPF, BGP, IP tunneling, and high availability (HA) features. This course is based on Junos operating system Release 10.1R1.8. Through demonstrations and hands-on labs, students will gain experience in configuring and monitoring the Junos OS and monitoring basic device operations.

obJeCTiveSAfter successfully completing this course, you should be able to:• Describe the basic design architecture of the Junos OS• Identify and provide a brief overview of Junos devices• Navigate within the Junos CLI• Perform tasks within the CLI operational and configuration modes• Restore a Junos device to its factory-default state• Perform initial configuration tasks• Configure and monitor network interfaces• Explain basic routing operations and concepts• View and describe routing and forwarding tables• Configure and monitor static routing• Configure and monitor OSPF• Describe the framework for routing policy and firewall filters

• Explain the evaluation of routing policy and firewall filters• Identify instances where you might use routing policy• Describe typical uses of static, aggregate, and generated routes• Configure and monitor static, aggregate, and generated routes• Explain the purpose of Martian routes and add new entries to the default list• Describe typical uses of routing instances• Configure and share routes between routing instances• Describe load-balancing concepts and operations• Implement and monitor Layer 3 load balancing



CourSe CoNTeNTSDay 1Chapter 1: Course IntroductionChapter 2: Junos Operating System FundamentalsChapter 3: User Interface OptionsChapter 4: Initial ConfigurationChapter 5: Secondary System ConfigurationChapter 6: Operational Monitoring and MaintenanceDay 2Chapter 7: Routing FundamentalsChapter 8: Routing Policy and Firewall FiltersChapter 9: Class of Service

Day 3Chapter 10: Protocol-Independent RoutingChapter 11: Load Balancing and Filter-Based ForwardingChapter 12: Open Shortest Path FirstDay 4Chapter 13: Border Gateway ProtocolChapter 14: IP TunnelingChapter 15: High Availability

www.nexuminc.com/training/juniper/jncisrouting

www.nexuminc.com

We Mean Security

14 Juniper JNCiS-SJunos JNCIS Switching FoundationLeNgTh: 4 DAyS CoST: $2,520

CourSe overviewThis four-day class provides the foundational knowledge required to work with the Junos operating system, specifically focusing on switching knowledge and configuration examples. key topics include user interface options with a heavy focus on the command-line interface (CLI), configuration tasks typically associated with the initial setup of devices, interface configuration basics with configuration examples, secondary system configuration, and the basics of operational monitoring and maintenance of Junos devices. The course also includes an overview of general switching concepts and operations, virtual LANs (VLANs), the Spanning Tree Protocol (STP), port and device security features, and high availability (HA) features. This course is based on Junos operating system Release 10.1R1.8. Through demonstrations and hands-on labs, students will gain experience in configuring and monitoring the Junos OS and monitoring basic device operations.

obJeCTiveSAfter successfully completing this course, you should be able to:

• Describe the basic design architecture of the Junos OS• Identify and provide a brief overview of Junos devices• Navigate within the Junos CLI• Perform tasks within the CLI operational and configuration modes• Restore a Junos device to its factory-default state• Perform initial configuration tasks• Configure and monitor network interfaces• Explain basic routing operations and concepts• View and describe routing and forwarding tables• Configure and monitor static routing• Configure and monitor OSPF

• Describe the framework for routing policy and firewall filters• Explain the evaluation of routing policy and firewall filters• Identify instances where you might use routing policy• List the benefits of implementing switched LANs• Describe transparent bridging concepts and operations• Describe terms and design considerations for switched LANs• List enterprise platforms that support Layer 2 switching• Configure interfaces for Layer 2 switching operations• Display and interpret the Ethernet switching table• Explain the concept of a VLAN



CourSe CoNTeNTSDay 1Chapter 1: Course IntroductionChapter 2: Junos Operating System Fundamentals

Chapter 3: User Interface OptionsChapter 4: Initial ConfigurationChapter 5: Secondary System ConfigurationChapter 6: Operational Monitoring and MaintenanceDay 2Chapter 7: Routing FundamentalsChapter 8: Routing Policy and Firewall FiltersChapter 9: Class of Service

Day 3Chapter 10: Layer 2 SwitchingChapter 11: Virtual Networks

Chapter 12: Spanning TreeDay 4Chapter 13: Port SecurityChapter 14: Device Security and Firewall FiltersChapter 15: High Availability

www.nexuminc.com/training/juniper/jncisswitching

www.nexuminc.com

We Mean Security

15 Juniper SRX BootcampJuniper SRX Bootcamp with JUNOS Enhanced ServicesLeNgTh: 5 DAyS CoST: $2,995CourSe overviewThis five-day bootcamp provides the foundational knowledge required to configure Juniper SRX devices running JUNOS Software. key topics include user interface options with a heavy focus on the command-line interface (CLI), configuration tasks typically associated with the initial setup of devices, interface configuration basics with configuration examples, secondary system configuration, and the basics of operational monitoring and maintenance of devices running JUNOS Software. This course covers all aspects of the Juniper Networks SRX product, including a JUNOS Primer, Security and Routing principles and configuration methods using JUNOS release 9.5.obJeCTiveSStudents will learn Juniper routing principles and routing concepts, routing policy and firewall filters, and class of service (CoS). The Juniper Networks SRX Bootcamp also provides students with the skills for configuration, operation, and implementation of JUNOS security platforms in a typical network environment. Specific topics include:

CourSe CoNTeNTSDay 1Chapter 1: Course IntroductionChapter 2: Junos OS FundamentalsChapter 3: User Interface OptionsChapter 4: Initial ConfigurationChapter 5: Secondary System ConfigurationChapter 6: Operational Monitoring and MaintenanceDay 2Chapter 7: Routing FundamentalsChapter 8: Routing Policy and Firewall FiltersChapter 9: Class of ServiceDay 3Chapter 10: Introduction to Junos Security PlatformsChapter 11: ZonesChapter 12: Security Policies

Day 4Chapter 13: Firewall User AuthenticationChapter 14: SCREEN OptionsChapter 15: Network Address TranslationDay 5Chapter 16: IPSec VPNsChapter 17: Introduction to Intrusion Detection and PreventionChapter 18: High Availability Clustering

iNTeNDeD AuDieNCeThis course benefits operators of SRX Series Services Gateways. These operators include network engineers, administrators, support personnel, and reseller support personnel.PrerequiSiTeSStudents should have basic networking knowledge and an understanding of the OSI model and the TCP/IP protocol suite.

• Traffic Processing • JUNOS Software CLI • J-Web GUI • Initial Configuration • Interface Configuration • Secondary System Configuration • User Configuration and Authentication • System Logging and Tracing • Network Time Protocol

• Simple Network Management Protocol • Static/Dynamic Routing • Routing Policy and Firewall Filters • Class of Service • Traffic Queuing & Scheduling • Zone Configuration • Security Policies • Firewall User Authentication • Web Authentication

• Using External Authentication Servers • SCREEN Options • Network Address Translation • Configuration of IPsec VPNs • Implementing IDP • Attack and Signature Database • High Availability Clustering

www.nexuminc.com/training/juniper/srx-bootcamp

www.nexuminc.com

We Mean Security

16 Juniper JiPSJunos Intrusion Prevention System FunctionalityLeNgTh: 2 DAyS CoST: $1,400

CourSe overviewThis two-day course is designed to provide an introduction to the Intrusion Prevention System (IPS) feature set available on the Juniper Networks SRX Series Services Gateway. The course covers concepts, ideas, and terminology relating to providing intrusion prevention using the SRX Series platform. Hands-on labs offer students the opportunity to configure various IPS features and to test and analyze those functions. This course is based on the Junos operating system Release 10.4R1.

obJeCTiveSAfter successfully completing this course, you should be able to:• Describe general types of intrusions and network penetration steps• Describe how to access the SRX Series Services Gateways with IPS functionality for configuration and management• Configure the SRX Series Services Gateways for IPS functionality• Define and describe terminology which comprises Juniper Networks IPS functionality• Describe the steps that the IPS engine takes when inspecting packets• Describe the components of IPS rules and rulebases• Explain the types of signature-based attacks• Describe the uses of custom signatures and how to configure them• Explain how scanning can be used to gather information about target networks

• Configure screens to block various scan types• Describe commonly used evasion techniques and how to block them• Describe denial of service (DoS) and distributed denial of service (DDoS) attacks• Explain the mechanisms available on the SRX Series device to detect and block DoS and DDoS attacks• Configure screens to block DoS and DDoS attacks• Describe the reporting capabilities available for IPS functionality• Explain the terms and concepts related to intrusion prevention• Describe the basic functions and features available on the SRX Series platform that provide IPS functionality• Configure fundamental IPS features and functions on an SRX240 device

iNTeNDeD AuDieNCeThis course benefits individuals responsible for configuring and monitoring the IPS aspects of SRX Series devices.

PrerequiSiTeSStudents should have basic networking knowledge, an understanding of the Open Systems Interconnection (OSI) reference model and an understanding of the TCP/IP protocol suite. Students should also attend the Introduction to the Junos Operating System (IJOS) course, the Junos Routing Essentials (JRE) course, and the Junos Security (JSEC) course, or they should have equivalent experience prior to attending this class.

CourSe CoNTeNTSDay 1Chapter 1: Course IntroductionChapter 2: Overview of IPS FunctionalityChapter 3: Initial Device ConfigurationChapter 4: IPS Terminology and ConceptsDay 2Chapter 5: IPS Attack ObjectsChapter 6: Scanning and ReconnaissanceChapter 7: Blocking Evasion Techniques and Denial of ServiceChapter 8: Reporting

www.nexuminc.com/training/juniper/jips

www.nexuminc.com

We Mean Security

17 Juniper CuACJuniper Networks Configuring Unified Access ControlLeNgTh: 3 DAyS CoST: $1,800

CourSe overviewThis three-day course discusses the configuration of the Unified Access Control solution offered by Juniper Networks. Students will work with the solution elements—the Infranet Controller, the Infranet Enforcer, and the Infranet Agent—to configure secured access to network resources. key topics include Unified Access Control deployment, basic implementation, and element configuration. Students will have the opportunity to apply their knowledge in several hands-on labs.

obJeCTiveSAfter successfully completing this course, you should be able to deploy the Infranet Controller and Infranet Enforcer to support common environments. Specific topics include:• Introduction to Unified Access Control • Typical deployment scenarios • Terminology • Infranet Controller configuration elements - Roles - Authentication realms - Authentication servers - Resource policies

- Sign-in policies • Overlay Enforcer configuration elements - Infranet policies • Odyssey Access Client configuration elements - Host Checker - Host Enforcer • Troubleshooting

iNTeNDeD AuDieNCeThe intended audience for this course includes network engineers, support personnel, reseller support, and anyone responsible for implementing the Unified Access Control products.

CourSe CoNTeNTSDay 1Chapter 1: Course IntroductionChapter 2: The UAC SolutionChapter 3: Initial ConfigurationChapter 4: The Access Management FrameworkDay 2Chapter 5: Overlay EnforcementChapter 6: Configuring Overlay EnforcementChapter 7: Endpoint SecurityChapter 8: Layer 2 EnforcementDay 3Chapter 9: Configuring Layer 2 EnforcementChapter 10: Management and TroubleshootingChapter 11: Authentication OptionsChapter 12: Integration

www.nexuminc.com/training/juniper/cuac

PrerequiSiTeSCompletion of Configuring Juniper Networks Firewall/IPSec VPN Products (CJFV) or equivalent experience with ScreenOS firewalls is required. The course also assumes that students understand internetworking basics, basic security concepts, network administration, application support, and basic remote access concepts.

www.nexuminc.com

We Mean Security

18 Juniper iFvhIntegrating Juniper Networks Firewalls and VPNs into High-PerformanceNetworksLeNgTh: 3 DAyS CoST: $2,500 CourSe overviewThis three-day course focuses on the ScreenOS features that are typically necessary in large-scale networks, including dynamic routing, virtual systems, traffic shaping, and high availability. Upon completing this course, students should be able to successfully install and configure ScreenOS devices. Students should also be able to verify that a ScreenOS device is interoperating in the network as desired. Through demonstrations and hands-on labs, students gain experience in configuring, testing, and troubleshooting these advanced features of ScreenOS software. This course is based on ScreenOS version 6.2.

www.nexuminc.com/training/juniper/ifvh

CourSe CoNTeNTSDay 1Chapter 1: Course IntroductionChapter 2: ScreenOS VPN Basics ReviewChapter 3: Interior Gateway ProtocolsChapter 4: BGPDay 2Chapter 5: Advanced Static RoutingChapter 6: MulticastChapter 7: Virtual SystemsDay 3Chapter 8: RedundancyChapter 9: Traffic Management

obJeCTiveSAfter successfully completing this course, you should be able to:• Configure virtual systems, including standard, IP-based, and transparent mode• Configure dynamic routing protocols, including OSPF and BGP• Configure multicast operations, including IGMP and PIM-SM• Configure high availability in both static routing and dynamic routing environments• Configure traffic shaping features• Verify operations and troubleshoot all previous configurationsiNTeNDeD AuDieNCeThis course is intended for network engineers, network support personnel, and reseller support personnel.PrerequiSiTeSThe prerequisites for this course include the following:• Completion of the Configuring Juniper Networks Firewall/IPSec VPN Products (CJFV) course or equivalent product experience• General networking knowledge, including Ethernet, TCP/IP, and routing concepts

www.nexuminc.com

We Mean Security

19 Juniper oJwXOperating Juniper Networks WX Application Acceleration PlatformsLeNgTh: 2 DAyS CoST: $1,200 CourSe overviewThis two-day, instructor-led course focuses on installation, configuration, troubleshooting, and operational analysis of the WAN Acceleration (WX) and WAN Acceleration Cache (WXC) platforms. The course covers an overview of WX platform concepts and then moves on to initial installation using Quick Setup. Students will use the WebView graphical user interface (GUI) to configure and manage the main features of the WX platform: compression (using Molecular Sequence Reduction and Network Sequence Caching), Packet Flow Acceleration (TCP application acceleration), Application Flow Acceleration (which speeds up CIFS, Microsoft Exchange, and HTTP traffic), and implementation of quality-of-service (QoS) policies. In the labs, students configure and test all these features. The WX Framework’s exceptional monitoring and reporting capabilities are featured throughout, and the course ends with an introduction to the WX Central Management System (WX CMS) software.obJeCTiveSAfter successfully completing this course, you should be able to:• Describe the elements of the WX Framework and the various WX and WXC platforms• Explain WX concepts such as communities, topologies, registration servers, and service tunnels• Perform initial configuration of the WX platform• Identify the various ways a WX platform can obtain routing information• Configure and troubleshoot compression and caching• Describe and configure the components of outbound QoS• Describe, configure, and troubleshoot Packet Flow Acceleration• Describe, configure, and troubleshoot Application Flow Acceleration• Describe and demonstrate the WX platform’s monitoring capabilities• Upgrade WXOS software and maintain configuration files• View and save the system and access control logs• Export data and generate support files• Explain the capabilities of the WX CMS software

CourSe CoNTeNTSDay 1Chapter 1: Course IntroductionChapter 2: WX Platform OverviewChapter 3: WX Platform Installation Considerations and TasksChapter 4: WX Platform ConceptsChapter 5: CompressionDay 2Chapter 6: Quality of ServiceChapter 7: Packet Flow Acceleration TechnologyChapter 8: Application Flow Acceleration TechnologyChapter 9: Operation and MaintenanceChapter 10: Monitoring and ReportingChapter 11: WX Central Management System Overview

www.nexuminc.com/training/juniper/ojwx

iNTeNDeD AuDieNCeThis course is intended for network engineers, support personnel, reseller support personnel, and anyone responsible for implementing the WX and WXC product features covered in this course. PrerequiSiTeS• knowledge of TCP/IP, routing, and switching• knowledge of WAN protocols such as MPLS and Frame Relay is helpful

www.nexuminc.com

We Mean Security

20

• Configure LAN-to-LAN IPSec VPNs in various configurations• Configure VPN redundancy • Configure dynamic routing using IPSec VPNs• Configure remote access IPSec connectivity including group IkE and shared IkE• Configure GRE tunnels

iNTeNDeD AuDieNCeThis course is intended for network engineers, network support personnel, and reseller support.PrerequiSiTeSPrerequisites for this course include the following:• Completion of the Configuring Juniper Networks Firewall/IPSec VPN Products (CJFV) course or equivalent experience with ScreenOS software• General networking knowledge, including Ethernet, TCP/IP, and routing conceptsCourSe CoNTeNTSDay 1Chapter 1: Course IntroductionChapter 2: ScreenOS VPN Basics ReviewChapter 3: VPN VariationsChapter 4: Hub-and-Spoke VPNs Chapter 5: Routing over VPNsDay 2Chapter 6: Using CertificatesChapter 7: Redundant VPN Gateways (Optional)Chapter 8: Generic Routing Encapsulation (Optional)Chapter 9: Dial-Up IPSec VPNs

Juniper AJviAdvanced Juniper Networks IPSec VPN ImplementationsLeNgTh: 2 DAyS CoST: $2,000 CourSe overviewThis two-day, intermediate-level course focuses on the wide range of options available when configuring VPNs using Juniper Networks firewall/VPN products. Students attending the course will learn these various deployments through detailed lectures and hands-on lab exercises.obJeCTiveSAfter successfully completing this course, you should be able to:

www.nexuminc.com/training/juniper/ajvi

www.nexuminc.com

We Mean Security

21 Juniper APJFAttack Prevention with Juniper Networks FirewallsLeNgTh: 1 DAy CoST: $1,000 CourSe overviewThis one-day course meets the business need of customers who are deploying the attack prevention features of ScreenOS software. The course focuses specifically on the attack-related features and assumes familiarity with ScreenOS software. Upon completing this course, you should be able to return to work and successfully configure and verify the desired attack prevention features. This course is based on ScreenOS version 6.2.obJeCTiveSAfter successfully completing this course, you should be able to:

CourSe CoNTeNTSDay 1Chapter 1: Course IntroductionChapter 2: ScreenOS Basics ReviewChapter 3: SCREEN OptionsChapter 4: Deep InspectionChapter 5: AntivirusChapter 6: Web FilteringChapter 7: Antispam

www.nexuminc.com/training/juniper/apjf

• Configure attack prevention features, including: - SCREEN options - Deep Inspection - Antivirus scanning• Configure URL filtering• Configure antispam filters

iNTeNDeD AuDieNCeThis course is intended for network engineers, support personnel, reseller support, and others responsible for implementing Juniper Networks products.PrerequiSiTeSThis course assumes that you have basic networking knowledge and experience in the following areas:• The Internet• Networking concepts• Terms including TCP/IP and bridging, switching, and routing


www.nexuminc.com

We Mean Security

22 F5 big-iP LTM essentialsF5 big-iP® Local Traffic Manager™ - Essentials v10.2LeNgTh: 2 DAyS CoST: $1,995

CourSe overviewThis two-day course gives networking professionals a functional understanding of the BIG-IP LTM system as it is commonly used. The course covers installation, configuration, and management of both BIG-IP LTM systems and redundant pairs. This hands-on course includes lectures, labs, and discussions.

obJeCTiveSBy the end of this course, the student should be able to perform an initial configuration using the Setup Utility and build many common configurations of BIG-IP LTM system using the Graphical User Interface (browser-based). In addition, the student should be able to monitor and manage common tasks concerning traffic processed through the BIG-IP LTM system.Topics covered in this course include:• Installation and Licensing • Virtual Servers and Pools • Load Balancing • Profiles • iRules • Persistence• Health Monitors • SSL Termination/Certificate Management • Redundant Pairs • Mirroring Connection and Persistence Data • Detecting Network Failures

iNTeNDeD AuDieNCeThis course is intended for system and network administrators responsible for installation, setup, configuration, and administration of the BIG-IP LTM system.PrerequiSiTeSStudents should understand:• Common network terminology • TCP/IP addressing and routing • Internetworking concepts • Common elements of WAN and LAN environments • Data Center Server redundancy concepts In addition, students should be proficient in:• Basic PC operation and application skills, including operating a CD drive, keyboard, mouse and Windows OS • Basic Web browser operation (Internet Explorer is used in class) Please note that this course is a prerequisite for BIG-IP LTM - Advanced Topics.CourSe CoNTeNTS Day 1Module 1: Installation & Initial Access Module 2: Load BalancingModule 3: Monitors Module 4: Profiles Module 5: Persistence Module 6: Processing SSL Traffic

Day 2Module 7: Configuration ProjectModule 8: NATs and SNATsModule 9: iRulesModule 10: Installation of a Redundant PairModule 11: High AvailabilityModule 12: Maintaining BIG-IP LTM

www.nexuminc.com/training/f5/ltm-essentials


www.nexuminc.com

We Mean Security

23 F5 BIG-IP LTM Advanced TopicsF5 big-iP® Local Traffic Manager™ - Advanced Topics v10.2LeNgTh: 2 DAyS CoST: $2,495

CourSe overviewThis two-day course gives networking professionals an in-depth understanding of the BIG-IP LTM system. The Advanced Topics course builds on the foundation of the BIG-IP LTM Essentials course and also covers less commonly used but more powerful ways of using the many features of the BIG-IP LTM system. In addition, significant time is spent using the command line tools to configure the BIG-IP LTM system. This hands-on course includes lectures, labs and discussions. Students will learn about command line functions, advanced configurations, and advanced troubleshooting.

obJeCTiveSBy the end of this course, the student should be able to perform many advanced configurations of BIG-IP LTM systems using either the Graphical User Interface (browser based) or command line interface. In addition, the student should be able to monitor and manage most tasks concerning traffic processed through the BIG-IP LTM system.Topics covered in-depth in this class include:• Command Line Configuration using tmsh• BIG-IP Administration• Monitors Part 2 • iRules Part 2 • Virtual Servers Part 2

• SNATs Part 2• Persistence Part 2• Profiles Part 2• Final Project

iNTeNDeD AuDieNCeThis course is intended for experienced users of the BIG-IP LTM system including system and network administrators responsible for its advanced functionality.

PrerequiSiTeSStudents must have either successfully completed the BIG-IP LTM Essentials course, or passed the BIG-IP LTM Certification exam .Students should understand:• TCP/IP Addressing and Routing including: - The Address Resolution Protocol - Direct and Indirect Routing - TCP Handshakes • Command Line Configuration including: - Commands and Parameters • Command Line Access (DOS or UNIX) • Common elements of and differences between WAN and LAN components • Fundamental programming concepts such as variable assignments and logical operations

In addition, it helps if students are familiar with:• The Linux File System • Pico editor or VI editor• The tcpdump program• Shell scripting • TCL (Tool Control Language)

CourSe CoNTeNTSDay 1Module 1: Installation & Access Module 2: Command Line ConfigurationModule 3: BIG-IP Administration Module 4: Monitors Part 2 Module 5: iRules Part 2 Module 6: Virtual Servers Part 2

Day 2Module 7: SNATs Part 2 Module 8: Persistence Part 2Module 9: Profiles Part 2Module 10: Final Lab Project

www.nexuminc.com/training/f5/ltm-advanced


www.nexuminc.com

We Mean Security

24 F5 Troubleshooting F5 Troubleshooting BIG-IP® Local Traffic Manager™LeNgTh: 2 DAyS CoST: $1,995CourSe overviewThis two-day course gives networking professionals hands-on knowledge of how to troubleshoot a BIG-IP LTM system using a number of troubleshooting techniques and troubleshooting and system tools. This course includes lectures, labs, and discussions.obJeCTiveSBy the end of this course, the student will be able to troubleshoot the BIG-IP LTM system using:• Configuration Project• ArchitectureIn addition, the student will be able to create and submit a support case.

Topics covered in-depth in this class include:

Day 1Module 1: Course OverviewModule 2: The Problem Determination ProcessModule 3: F5 Support Module 4: Product Architecture

Day 2Module 5: Troubleshooting – Bottom to TopModule 6: Troubleshooting ToolsModule 7: Logs & NotificationModule 8: Troubleshooting Labs

CourSe CoNTeNTS

www.nexuminc.com/training/f5/ltm-troubleshooting

• Configuration Project

• Problem Determination Process

• F5 Support

• BIG-IP Product Architecture

• Troubleshooting Networks and BIG-IP using OSI model

• Troubleshooting Projects

• Troubleshooting tools such as:

-Tcpdump

-Wireshark

-Fiddler

-Ssldump

• Logging and NotificationiNTeNDeD AuDieNCeThis course is intended for system and network administrators responsible for troubleshooting and supporting BIG-IP LTM systems.PrerequiSiTeS• Successful completion of BIG-IP LTM Essentials• Or passing Prometric exam F50-511Students should understand:• Common network terminology• TCP/IP addressing and routing• Internetworking concepts• Common elements of WAN and LAN environments

In addition students should be proficient in:

• Basic PC operation and application skills, including operating a CD drive, keyboard, mouse and Windows OS

• Basic Web browser operation (Internet Explorer is used in this class)


www.nexuminc.com

We Mean Security

25 F5 big-iP gTMF5 big-iP® Global Traffic Manager™LeNgTh: 2 DAyS CoST: $1,995CourSe overviewThe BIG-IP Global Traffic Manager course is designed for networking professionals to renew their understanding of DNS network systems and wide-area networks, master pre-installation information gathering, and apply this information to the process of installing a GTM System. Utilizing both simulated installation activities and hands-on exercises, participants gain real-time experience setting up and configuring both primary and secondary GTM Systems, WAN systems, integrating multiple GTM Systems, and migrating DNS systems to a GTM. Participants will also gain knowledge of the essential GTM management interfaces that assist network managers. In addition, this course covers configuring, monitoring and testing GTM Systems and networks, as well as dynamic and static load balancing, and GTM report screens.iNTeNDeD AuDieNCeThis course is intended for installation engineers and others responsible for installing, configuring and troubleshooting the BIG-IP Global Traffic Manager product.

PrerequiSiTeS

Day 1Module 1: Installation Module 2: DNS OverviewModule 3: ConfigurationModule 4: Load BalancingModule 5: LDNS Probes

Day 2Module 6: Monitors Module 7: ZoneRunnerModule 8: Logs and NotificationsModule 9: Advanced TopicsModule 10: Configuration Project

CourSe CoNTeNTS

www.nexuminc.com/training/f5/gtm

Students should understand:• Common network terminology• TCP/IP Addressing and Routing• Internetworking concepts• Common elements of WAN and LAN environments• Data Center server redundancy concepts• Students should be proficient with:• Basic PC operation and application skills, including operating a CD drive, keyboard, mouse and Windows OS • Basic Web Browser operation (Internet Explorer is used in this class)In addition, it is helpful if participants are familiar with:• Pico Editor or VI Editor• The tcpdump program• The nslookup and dig programs


www.nexuminc.com

We Mean Security

26 F5 big-iP ASMF5 big-iP® Application Security Manager v10.xLeNgTh: 4 DAyS CoST: $3,995CourSe overviewThis four-day course covers the basics of Web-based application attacks and how to use BIG-IP Application Security Manager to defend against them. The course covers installation, configuration, management, application flow and components, policy enhancement, advanced security policies, the ASM learning process, implementation, and methodologies of Application Security Manager in both stand-alone and modular configuration. This course includes lectures, labs, demonstrations, and discussions.obJeCTiveSUpon completing this course, a student will be able to install and understand web application configuration and configure a security policy based on live traffic, Wildcard entities and Rapid Deployment techniques. Additionally, a student will be able to monitor and administer Application Security Manager.Course topics include:

Students should understand: • Common Network terminology• Web application terminology• Basic HTTP and HTML concepts• Basic Security conceptsParticipants should be proficient with:• Basic PC operation and application skills, including operating a CD drive, keyboard, mouse and Windows OS• Basic Web Browser operation (Internet Explorer is used in class)

CourSe CoNTeNTSDay 1Module 1: Installation & Initial AccessModule 2: Web Application Concepts

Module 3: Web Application VulnerabilitiesModule 4: ASM Application Configuration

Day 2Module 5: Security Policy OverviewModule 6: Traffic LearningModule 7: Parameters

Day 3Module 8: Security Policy BuilderModule 9: Security Policy Building Tools

Module 10: Application-Ready Security Policy

Day 4Module 11: XML and Web ServicesModule 12: Protocol Security ManagerModule 13: Logs and Logging ProfilesModule 14: Administering ASMModule 15: Configuration Lab Project

iNTeNDeD AuDieNCeThis class is intended for network and security administrators who will be responsible for the installation and day-to-day maintenance of the Application Security Manager.PrerequiSiTeS

• HTTP and HTML Concepts• Common Vulnerabilities• HTTP Classes• Security Policy Building• Wildcard Entities• Traffic Learning

• Parameter Configuration & Protection• Security Policy Templates• Web Services Protection• Protocol Security Manager Configuration• Logging Profiles

www.nexuminc.com/training/f5/asm


www.nexuminc.com

We Mean Security

27 F5 BIG-IP WebAcceleratorF5 big-iP® WebAcceleratorTM ModuleLeNgTh: 1 DAy CoST: $995

CourSe overviewThe WebAccelerator Module course is designed for customers running the WebAccelerator Module on TMOS™ and is designed to help network professionals improve web site customer experience. The course focuses on typical HTTP processes and how the WebAccelerator Module can take advantage of those processes to decrease response time while ensuring data accuracy and integrity. Using lectures and hands-on exercises, participants gain real-time experience setting up and configuring the necessary portions of the Local Traffic Manager (LTM) system as well as typical WebAccelerator Module settings. From the LTM framework, these settings include pools, profiles and virtual servers. In addition discussion and labs will focus on the WebAccelerator Module framework, include editing standard policies to effect how the traffic is manipulated as it is processes by the system. Participants will see how the changes improve the user experience through tools such as HttpWatch.

iNTeNDeD AuDieNCeThis course is intended for installation engineers and others responsible for initial installation and configuration of the WebAccelerator Module.

PrerequiSiTeSParticipants should understand:• Common Network terminology• TCP/IP Addressing and Routing• HTTP StandardsParticipants should be proficient with:• Basic PC operation and application skills, including operating a CD drive, keyboard, mouse and Windows OS• Basic Web Browser operation (Internet Explorer is used in class)In addition, it is helpful if participants are familiar with:• Pico editor or VI editor• The tcpdump program

www.nexuminc.com/training/f5/webaccel

CourSe CoNTeNTSDay 1Module 1: Installation & Initial AccessModule 2: HTTP BasicsModule 3:BIG-IP BasicsModule 4: ApplicationsModule 5: Policies and Matching RulesModule 6: Acceleration RulesModule 7: Logging and ReportingModule 8: Symmetric Deployment


www.nexuminc.com

We Mean Security

28 F5 FirePassF5 FirePass® v6.xLeNgTh: 3 DAyS CoST: $2,995

CourSe overviewThis three-day course provides security and network professionals with a functional understanding of the FirePass® Controller . The course includes installation, configuration, management and troubleshooting on a FirePass system. Lectures, demonstrations, hands-on labs and discussions will be incorporated.

obJeCTiveSBy course completion, the student should be able to perform an initial configuration of the FirePass Controller and build many common configurations on the FirePass system using the Graphical User Interface (browser based). Additionally, the student should be able to monitor, administer, and perform basic troubleshooting tasks on traffic processed by the FirePass ControllerTopics include explanations and configuration of:• Installation and setup of the FirePass server • Network Access Using the SSL VPN • Security Access, Authentication and Authorization • Portal Access to Web Sites, Network File Shares and e-mail • Application Access (Telnet to Unix and Mainframe Hosts and Terminal Services)

• Server and Client SSL Certificates setup • End-point security and client policy checking • Failover and Clustering • Administration and Lab Projects

iNTeNDeD AuDieNCeThis course is intended for security and network administrators responsible for install, setup, configuration, and administration of the FirePass Controller.

PrerequiSiTeSStudents should understand:• Common Security and Network terminology • TCP/IP Addressing, Routing and Internetworking concepts • Security Authorization and Authentication concepts • Common elements of WAN and LAN environments In addition, students should be proficient with:• Basic PC operation and application skills, including operating a CD drive, keyboard, mouse and Windows OS • Basic Web Browser operation (Internet Explorer is used in class)

Day 1Module 1: InstallationModule 2: Network Access (SSL VPN) Module 3: Authentication and AuthorizationModule 4: End Point SecurityModule 5: Application Access Module 6: Portal AccessDay 2Module 7: Lab Project #1 and ReviewModule 8: Portal Access Advanced

Module 9: Application Access AdvancedModule 10: Network Access Advanced Module 11: End Point Security Advanced Module 12: CustomizationDay 3Module 13: Dynamic Group MappingModule 14: FirePass AdministrationModule 15: FailoverModule 16: ClusteringModule 17: Lab Project #2 and Review

CourSe CoNTeNTS

www.nexuminc.com/training/f5/firepass


www.nexuminc.com

We Mean Security

29 BIG-IP Edge Gateway - APM F5 big-iP® Edge Gateway - Access Policy ManagerLeNgTh: 2 1/2 DAyS CoST: $2,495

CourSe overviewThis two and ½ -day course provides security and network professionals with a functional understanding of the BIG-IP® Access Policy Manager (APM). The course includes installation, configuration, management and troubleshooting on a BIG-IP® APM. This hands-on course includes lectures, labs, and discussions.

CourSe CoNTeNTS

Day 1

Module 1: Installation and Initial Access

Module 2: APM Traffic Processing

Module 3: APM Access Policies and Profiles

Module 4: APM Web Applications

Module 5: APM Network Access

Day 2

Module 6: APM Configuring ACLs

Module 7: BIG-IP LTM Concepts

Module 8: APM on BIG-IP LTM

Module 9: APM Macros and Authentication Servers

Module 10: APM Client Side Checks and Actions

Day 3

Module 11: APM Advanced Topics

Module 12: Maintaining BIG-IP

Module 13: APM Configuration Project

obJeCTiveSBy the end of the course, the student should be able to perform an initial configuration of the BIG-IP® APM and Access Policies using the Visual Policy Editor Graphical User Interface. Additionally, the student should be able to monitor, administer, and perform basic troubleshooting tasks on traffic processed by the BIG-IP® APM System.Topics covered in this class include:

•InstallationandsetupoftheBIG-IP®APMSystem

•BuildingAccessPoliciesusingtheVisualPolicyEditor

•WebApplicationAccesstobothhttpandhttpsWebApplications

•NetworkAccessusinganSSLVPNtunnel

•SecurityAccess,includingAuthentication,clientsidechecksandAuthorization

•BuildingadvancedpolicychecksusingvariablesandiRules

•BIG-IPAPMAdministrationtools

•LabProjects

iNTeNDeD AuDieNCeThis course is intended for system and network administrators responsible for installation, setup, configuration, and administration of the BIG-IP APM System.

PrerequiSiTeSStudents should understand:• Common Security and Network terminology• TCP/IP Addressing, Routing and Internetworking concepts• Security Authorization and Authentication concepts• Common elements of WAN and LAN environments• In addition, students should be proficient in:• Basic PC operation and application skills, including operating a CD drive, keyboard, mouse and Windows OS,• Basic Web browser operation (Internet Explorer is used in class).

www.nexuminc.com/training/f5/apm


www.nexuminc.com

We Mean Security

30 Configuring BIG-IP with iRules F5 Configuring BIG-IP® with iRulesLeNgTh: 3 DAyS CoST: $2,995

CourSe overviewThis three-day course gives networking professionals an understanding of how to configure a BIG-IP system with iRules. The course builds on the foundation of the BIG-IP Local Traffic Manager (LTM) Essentials course, demonstrating how to logically plan and write iRules to help monitor and manage common tasks involved with processing traffic on the BIG-IP. Course Labs consist of writing, applying and evaluating the effect of iRules on LTM traffic. This hands-on course includes lectures, labs, and discussions.

CourSe CoNTeNTS

Day 1

Module 1: Introduction

Module 2: iRule Basics and Resources

Module 3: iRule Programs

Module 4: Syntax and Troubleshooting

Day 2

Module 5: iRule Optimization

Module 6: Security and iRules

Module 7: Numbers and Strings

Module 8: HTTP Headers and Commands

Day 3

Module 9: Data Groups

Module 10: Persistence and Stream Profiles

Module 11: Arrays and Statistics Profiles

obJeCTiveSBy the end of this course, the student will be able to logically plan and write iRules to help monitor and manage common tasks involved with processing traffic through the BIG-IP LTM system.Topics covered in this course include:•DevCentral-TheResourceforiRules

•iRuleElements

•SyntaxandTroubleshooting

•iRuleOptimization

•iRulesandSecurity

•ExpressionsandOperators

•VariablesandLoops

•DataClasses

•PersistenceandServerData

•StatisticsandFinalProject

iNTeNDeD AuDieNCeThis course is intended for system administrators, network administrators and application developers responsible for the configuration and administration of the BIG-IP LTM system.

PrerequiSiTeSPrior to attending the Configuring BIG-IP with iRules course the student must have attended the BIG-IP LTM Essentials course. The student can also benefit from several months experience configuring and designing with the BIG-IP LTM product before attending this course.Students should be familiar with:• Common network terminology• TCP/IP addressing and routing• Internetworking concepts• Common elements of WAN and LAN environments• Programming Basics (Tcl is a plus)

www.nexuminc.com/training/f5/irules-bigip

www.nexuminc.com

We Mean Security

31

Check Point CCSA R71Check Point Security Administrator R71LeNgTh: 4 DAyS CoST: $3,995

CourSe overviewCheck Point Security Administration R71 is a foundation course for Check Point’s Security Management Systems, Security Gateway Systems, and deployment platforms. This course provides an understanding of basic concepts and skills necessary to configure Check Point Software Blades including Firewall, IPSEC VPN, IPS, Network Policy Management, Logging & Status, and Monitoring, URL Filtering, Antivirus & Anti-malware, Anti-spam & Email Security. During this course, students will configure a Security Policy, secure communications across the Internet, defend against network threats, and learn about managing and monitoring a secure network.

obJeCTiveS

eXerCiSeS• Install and configure a Security Management Server• Configure a Security Gateway• Launch SmartDashboard• Configure a Branch Gateway• Create Rules for Corporate Gateway• Create a DMZ Object• Observe NAT using fw monitor• Launch SmartView Tracker• Download HFA Package• Create a VPN Community• Test VPN Connection• Save a Certificate for Export• Modify Rule Base• Install and Verify Security Gateway Configuration• Test Encryption with Certificates• Create a Remote Access Group• Configure Office Mode IP Pool• Test Remote Connection• Analyze Attacks• Configure IPS to Block Attacks

www.nexuminc.com/training/checkpoint/ccsar70

iNTeNDeD AuDieNCeTechnical persons who support, install, deploy or administer Check Point Software Blades should attend this course.PrerequiSiTeS Basic networking knowledge, knowledge of Windows Server and/or UNIX, and experience with TCP/IP and the Internet.

• Design a distributed environment• Install the Security Gateway version R71 in a distributed environment• Deploy Gateways from the Gateway command line• Perform a backup and restore the current Gateway installation• Use the Command L ine to support troubleshooting common problems on the Security Gateway• Create a basic Rule Base in SmartDashboard• Configure NAT rules on Web and Gateway servers• Use queries in SmartView Tracker to monitor IPS traffic and troubleshoot events using packet data• Upgrade and attach product licenses using SmartUpdate• Perform a preinstallation compatibility assessment for upgrading to R71• Manage users to access to the corporate LAN• Establish VPN connections to partner sites with advanced IkE• Configure permanent tunnels for remote access to corporate resources• Configure Web-filtering and antivirus policies to filter traffic• Create and install IPS policies

CourSe CoNTeNTSDay 1 Chapter 1: Check Point Technology OverviewChapter 2: Deployment Platforms

Day 2Chapter 3: Introduction to the Security PolicyChapter 4: Managing Traffic and Connections

Day 3Chapter 5: Using SmartUpdateChapter 6: Upgrading to R71Chapter 7: User Management and Authentication

Day 4 Chapter 8: Encryption and VPNs

Chapter 9: Introduction to VPNsChapter 10: Messaging and Content Security

www.nexuminc.com

We Mean Security

32

Check Point CCSA R71 UpgradeCheck Point Security Administrator R71 UpgradeLeNgTh: 3 DAyS CoST: $2,000

CourSe overviewCheck Point Security Administrator R71 Upgrade is a rapid three-day instructor-led course for Check Point’s Security Management and Gateway Systems. This all-lab course teaches how to configure Check Point Software Blades including Firewall, IPSEC VPN, IPS, Network Policy Management, Logging & Status, and Monitoring, URL Filtering, Antivirus/Anti-malware, Anti-spam & Email Security. During this course, students will configure a Security Policy, secure communications across the Internet and defend against network threats.

obJeCTiveS• Perform a backup and restore the current Gateway installation• Identify critical files to purge or backup; import and export users and groups and delete administrators• Deploy Gateways with sysconfig and cpconfig from the command line• Upgrade and attach product licenses using SmartUpdate• Use SmartUpdate to apply upgrade packages and product licensing• Perform a preinstallation compatibility assessment for upgrading to R71• Obtain a license key• Install a Contract File on Windows, SecurePlatform, L inux, Solaris, or IPSO• Configure the Security Policy to permit traffic to DMZ resources• Select the most appropriate encryption algorithm when securing communication over a VPN• Configure a certificate-based site-to-site VPN• Establish VPN connections to partner sites• Configure a pre-shared secret site-to-site VPN• Configure permanent tunnels for remote access• Configure VPN tunnel sharing• Configure Messaging Security to test IP Reputation, content based anti-spam, and zero hour virus detection• Determine threats by site, configure Web-filtering and antivirus policy to filter and scan traffic

iNTeNDeD AuDieNCeThis class is only for Check Point Certified Security Administrators to learn how to apply the latest R71 software blade technology.PrerequiSiTeS Persons attending this course should have CCSA NG or higher certification.eXerCiSeS• Install and configure a Security Management Server• Install SecurePlatform• Install SmartConsole• Launch SmartDashboard• Create Corporate Gateway Rules• Install and test the Corporate Policy• Create DMZ O bjects and access rules in SmartDashboard• Configure and test Hide NAT on the Corporate Network• Perform a Security Gateway upgrade from the command line• Create VPN community and rules• Test and troubleshoot VPNs• Modify the Rule B ase• Test Encryption with Certificates• Create remote-access groups• Configure gateway for IkE encryption• Verify office mode IP assignment• Test the remote connection• Configure the mail server• Observe mail traffic• Configure policy to block attacks

www.nexuminc.com/training/checkpoint/ccsar70upgrade

www.nexuminc.com

We Mean Security

33

www.nexuminc.com/training/checkpoint/ccser70

eXerCiSeS• Build the management server and gateways and establish SIC• Create a new Administrator• Configure SmartWorkflow• Install user databases and policies• Enable SmartProvisioning• Modify and push policy to gateways• Install and enable SSL VPN in SmartDashboard™• Configure global properties• Enable and configure SecureXL on the gateway and open connections• Configure ClusterXL properties• Modify the Rule B ase• Pass traffic through clusters• View FTP connections with and without sticky decision• Create Check Point QoS rules, install and test the policy• Create a new IPS profile• Generate and analyze an attack• Install and configure the Data Loss Prevention software blade

iNTeNDeD AuDieNCePersons attending this course should have Check Point Security Administrator training or certification and a working knowledge ofnetworking concepts, Windows Server and/or UNI X, and experience with TCP/IP and the Internet.PrerequiSiTeSTechnical persons who support, install, deploy or administer Check Point Software Blades should attend this course.

CourSe CoNTeNTSDay 1 Chapter 1: Management PortalChapter 2: SmartWorkflowChapter 3: SmartProvisioningDay 2 Chapter 4: SSL Portal-Based VPNChapter 5: AccelerationChapter 6: High AvailabilityChapter 7: ClusteringDay 3Chapter 8: Advanced Networking - RoutingChapter 9: Advanced Networking - LoadBalancingChapter 10: Advanced Networking - QoSChapter 11: Check Point IPS Day 4Chapter 12: Data Loss Prevention (DLP)Chapter 13: Smart EventChapter 14: Smart ReportingChapter 15: Troubleshooting and Debugging

Check Point CCSE R71Check Point Security Expert R71LeNgTh: 4 DAyS CoST: $3,995

CourSe overviewCheck Point Security Expert is a four-day instructor-led hands-on course, delivering the advanced concepts and skills to optimize the R71 Check Point Software Blade architecture. This course is designed to help maximize the performance of your Check Point security deployment with real-world scenarios including advanced routing, load balancing and high availability. During the course you will set up multiple security gateway clusters, analyze network intrusion alerts and generate advanced network traffic reports.obJeCTiveS• Configure Administrative access to the Security Manage-ment server• Process a change request based on an organization’s infra-structure• Implement Provisioning• Modify remote gateways properties• Configure applications for SSL VPN remote access• Verify traffic is enhanced using SecureXL™• Deploy New Mode HA• Configure ClusterXL® in a corporate network• Configure VPN in a clustered environment

• Configure and test VPN Tunnel Interfaces (VTIs)• Configure and test Load Sharing U nicast and Multicast modes• Setup and verify a QoS configuration• Implement customized profiles to designated Gateways• Manage profiles related to IPS rules• Configure DLP Data Types• Monitor and adjust DLP Policies• Modify the IPS Policy to improve system bandwidth and protections

www.nexuminc.com

We Mean Security

34 Check Point CCSE R71 UpgradeCheck Point Security Expert R71 UpgradeLeNgTh: 2 DAyS CoST: $2,000

CourSe overviewCheck Point Security Expert is a rapid two-day instructor-led, all-lab course delivering the advanced concepts and skills to optimize the R71 Check Point Software Blades. This course is designed to help maximize the performance of your Check Point security deployment with real-world scenarios including advanced routing, high availability and debugging. During this all-lab course you will set up multiple security gateway clusters, analyze network intrusion alerts and generate advanced network traffic reports.

obJeCTiveS• Configure Administrative access to the Security Management server• Monitor and evaluate remote Gateways using SmartUpdate• Use SmartUpdate to apply upgrade packages and attach licensing• Implement Provisioning• Modify remote gateways properties• Configure applications for SSL VPN remote access• Enhance traffic with SecureXL• Deploy New Mode HA• Configure ClusterXL in a corporate network• Configure VPN in a clustered environment and demonstrate failover• Install and configure SmartReporter• Produce reports from consolidated log data and audit network traffic• Implement customized profiles to designated Gateways• Manage profiles related to IPS rules• Monitor and analyze alerts to track and identify network intrusions• Modify the IPS Policy to improve system bandwidth and protections• Configure DLP Data T ypes• Monitor and adjust DLP Policies

iNTeNDeD AuDieNCeThis advanced class is for Check Point Security Administrators with at least Check Point NGX experience to learn how tomaximize R71 software blade deployments.PrerequiSiTeS Persons attending this course should have at least CCSA NGX certification. Check Point Security Expert training or experience is strongly suggested.eXerCiSeS• Build the management server and gateways and establish SIC• Configure Management portal on corporate site and partner site• Create a new Administrator• Configure SmartWorkflow• Install user databases and policies• Enable SmartProvisioning• Modify and push policy to gateways• Create a file-share application in the SSL VPN tab and permit access• Configure global properties• Enable and configure SecureXL on the gateway and open connections• Configure ClusterXL properties• Modify the Rule B ase• Pass traffic through clusters• Deploy new mode HA• View FTP connections with and without sticky decision• Create Check Point QoS rules, install and test the policy• Create a new IPS profile• Generate and analyze an attack• Install and configure the Data Loss Prevention software blade• kernel debugging and connection tables

www.nexuminc.com/training/checkpoint/ccsar70-upgrade

www.nexuminc.com

We Mean Security

35 Check Point Provider-1 R70 Multi-Domain Management with Check Point Provider-1 R70LeNgTh: 2 DAyS CoST: $2,000

CourSe overviewMulti-Domain Management with Check Point Provider-1 R70 is an advanced course for Check Point’s Managed Security Services. This course provides an understanding of the concepts and skills necessary to configure, implement and manage Check Point’s Provider-1 R70; including installation and configuration of multi-domain servers, creation and configuration of Customer Management Add-ons (CMAs), migration of existing Security Management Servers into CMAs and the configuration, implementation and installation of global policies and VPNs, and manage multiple distinct sites via a single management interface.

obJeCTiveS • Choose the correct Provider-1 implementation to cover customer requirements• Classify the various pieces of the Provider-1 architecture and recognize their interactions together• Use the correct tools to troubleshoot and solve any issues that may arise in the architecture, file system or processes• Install Provider-1• Configure the Provider-1 container environment• Create a Primary MDS Manager• Install and configure the Multi Domain GUI• Implement any necessary Management Plugins for a specific customer or Provider environment• Troubleshoot and solve any issues that may arise during installation and configuration• Create and configure a CMA for a Customer• Migrate an existing Security Management configuration into Provider-1 with CMA Migration tools• Troubleshoot and solve and issues that may arise working with CMAs• Configure and implement a MLM for the Provider-1 environment• Configure and implement a CLM for a given Customer• Configure and implement a Global Policy• Configure and implement IPS in the Global Policy• Configure and implement VPNs globally and per customer• If necessary, create a secondary MDS Manager and enable MDS High Availability• Create and configure secondary CMAs, where applicable for customers• Configure CMA High Availability based on a customer’s requirementsiNTeNDeD AuDieNCeThis class is intended for a systems administrator, security manager, or network engineer implementing Provider-1 R70 in an enterprise setting.

PrerequiSiTeSCheck Point Security Expert R70 and Check Point Security Expert R70, or equivalent knowledge and experience in the prerequisites.

CourSe CoNTeNTS

Day 1 Chapter 1: Provider-1 R70 DeploymentChapter 2: MDS Installation and ConfigurationChapter 3: Overview of the Multi-Domain GUI

Day 2 Chapter 4: Provider-1 Logging Features Chapter 5: Assigning Global PoliciesChapter 6: Advanced MDS Functions

eXerCiSeS• Installing and Configuring the Primary MDS Station• Securing the NOC• Adding the Uk_Corp City Site to Provider 1 R70• Creating and Migration of Existing Japan_Corp Site• MDS MLM Installation and Configuration• Creating and Assigning a Global Policy• Configuring MDS High Availability

www.nexuminc.com/training/checkpoint/ccmser70


www.nexuminc.com

We Mean Security

36 blue Coat bCCPABlue Coat Certified ProxySG AdministratorLeNgTh: 2 DAyS CoST: $2,000

CourSe overviewThe Blue Coat Certified Proxy Administrator (BCCPA) Course is intended for students who wish to master the fundamentals of Blue Coat products. After completing this course, you will understand: • key concepts of network security and wide-area network (WAN) optimization• The major functions of the ProxySG, how they work, and how to administer them• How the ProxySG interfaces with other Blue Coat products• How to get service and support from Blue Coat

obJeCTiveSUpon completing this course and passing an online exam, students will become Blue Coat Certified Proxy Administrators.

iNTeNDeD AuDieNCeIT network or security professionals who wish to master the fundamentals of Blue Coat products with a focus on networksecurity and who have not taken any previous Blue Coat training courses.

PrerequiSiTeSStudents should be familiar with networking essentials, such as LAN, Internet, security, and IP protocols. Basic knowledge ofauthentication methods is also a plus.

CourSe CoNTeNTS

Day 1 Chapter 1: Blue Coat Product FamilyChapter 2: Understanding Proxy ServersChapter 3: ProxySG DeploymentChapter 4: Blue Coat Product LicensingChapter 5: ProxySG Initial SetupChapter 6: ProxySG Management ConsoleChapter 7: ServicesChapter 8: Hypertext Transfer Protocol

Day 2 Chapter 9: Policy ManagementChapter 10: Web PulseChapter 11: Authentication Chapter 12: Authentication Using LDAPChapter 13: Creating Notifications and ExceptionsChapter 14: Access LoggingChapter 15: WAN Optimization FeaturesChapter 16: Service and Support

www.nexuminc.com/training/bluecoat/bccpa


www.nexuminc.com

We Mean Security

37 blue Coat bCCPPBlue Coat Certified ProxySG ProfessionalLeNgTh: 3 DAyS CoST: $3,000

CourSe overviewThe Blue Coat Certified WAN Acceleration Professional (BCWAP) Course is intended for IT network professionals who wish to master the advanced WAN optimization features of application acceleration available with the Blue Coat ProxySG. After completing this course, you will understand: • How to configure advanced features in an Application Delivery Network (ADN)• Different ADN Connection types and how can you secure your ADN• VLAN and QoS support in the ProxySG• Advanced features in CIFS proxy and how to troubleshoot issues• How routers interact with web caches using WCCP and how ProxySG supports it

obJeCTiveSUpon completing the course and passing an online exam, students will become Blue Coat Certified Proxy Professionals.

iNTeNDeD AuDieNCeIT network professionals who have practical experience with Blue Coat ProxySG and wish to master and deploy advancedWAN optimization capabilities.

PrerequiSiTeSBlue Coat Certified WAN Acceleration Administrator (BCWAA) certification, or waiver exam, plus practical experiencewith the ProxySG in the field. Additionally, students should have advanced knowledge of application delivery networkand security.

www.nexuminc.com/training/bluecoat/bccpp

CourSe CoNTeNTS

Day 1 Chapter 1: System ArchitectureChapter 2: Caching ArchitectureChapter 3: Services - Advanced TopicsChapter 4: Content Policy LanguageChapter 5: Regular ExpressionsChapter 6: Managing Downloads and Apparent Data TypesChapter 7: HTTP DetailsChapter 8: Authentication in Transparent Proxy ModeChapter 9: Using kerberos Authentication

Day 2Chapter 10: Advanced Authentication

Chapter 11: Guest AuthenticationChapter 12: SSL Proxy

Chapter 13: Policy TracingChapter 14: ForwardingChapter 15:Reverse Proxy ImplementationChapter 16: Two-Way URL RewriteChapter 17: FailoverChapter 18: Health Checks

Day 3 Chapter 19: Web Cache Communication ProtocolChapter 20: VLAN SupportChapter 21: Managing Streaming Media

Chapter 22: ProxyClientChapter 23: ProxyClient FilteringChapter 24: Introduction to ProxyAVChapter 25: ICAP ConceptsChapter 26: Introduction to Director


www.nexuminc.com

We Mean Security

38 blue Coat bCwAABlue Coat WAN Acceleration AdministratorLeNgTh: 1 DAy CoST: $1,000

CourSe overviewThe Blue Coat Certified WAN Acceleration Administrator (BCWAA) Course is intended for IT professionals who wish to master the WAN optimization fundamentals of the Blue Coat ProxySG. After completing this course, you will understand:• Basic concepts of WAN optimization• How to deploy and license the ProxySG• How to monitor ProxySG traffic• Concepts of bandwidth management• How WAN optimization works and is configured on ProxyClient

iNTeNDeD AuDieNCeIT network professionals who wish to master the fundamentals of Blue Coat products with a focus on WAN Optimizationtechnology and who have not taken any previous Blue Coat training courses.PrerequiSiTeSStudents should be familiar with basic networking concepts, such as local-area networks (LANs), the Internet, security,and IP protocols. Additionally, students should have advanced knowledge of application delivery network and security, aswell as practical experience with the ProxySG in the field.

CourSe CoNTeNT

Day 1 Chapter 1: Blue Coat Product FamilyChapter 2: Blue Coat Product LicensingChapter 3: ProxySG Initial SetupChapter 4: Blue Coat SkyChapter 5: WAN Optimization FeaturesChapter 6: ADN Acceleration DeploymentsChapter 7: Configure ADN RolesChapter 8: Monitoring TrafficChapter 9: Byte CachingChapter 10: Optimizing CIFS

Chapter 11: MAPI Over ADNChapter 12: Bandwidth ManagementChapter 13: ProxyClient Acceleration

www.nexuminc.com/training/bluecoat/bcwaa


www.nexuminc.com

We Mean Security

39 blue Coat bCwAPBlue Coat WAN Acceleration ProfessionalLeNgTh: 2 DAyS CoST: $2,000

CourSe overviewThe Blue Coat Certified WAN Acceleration Professional (BCWAP) Course is intended for IT network professionals who wish to master the advanced WAN optimization features of application acceleration available with the Blue Coat ProxySG. After completing this course, you will understand:• How to configure advanced features in an Application Delivery Network (ADN)• Different ADN Connection types and how can you secure your ADN• VLAN and QoS support in the ProxySG• Advanced features in CIFS proxy and how to troubleshoot issues• How routers interact with web caches using WCCP and how ProxySG supports it

iNTeNDeD AuDieNCeIT network professionals who have practical experience with Blue Coat ProxySG and wish to master and deploy advancedWAN optimization capabilities.PrerequiSiTeSBlue Coat Certified WAN Acceleration Administrator (BCWAA) certification, or waiver exam, plus practical experiencewith the ProxySG in the field. Additionally, students should have advanced knowledge of application delivery networkand security.

CourSe CoNTeNT

Day 1 Chapter 1: ADN Connection TypesChapter 2: Secure ADNChapter 3: Device AuthenticationChapter 4: ADN Load BalancingChapter 5: Advanced ADN ConceptsChapter 6: ADN TroubleshootingChapter 7: Services - Advanced TopicsChapter 8: SSL ProxyChapter 9: CIFS - Advanced Topics

Day 2Chapter 10: CIFS Troubleshooting

Chapter 11: Advanced MAPIChapter 12: Web Cache Communication ProtocolChapter 13: WCCP TroubleshootingChapter 14: Asymmetric RoutingChapter 15: VLAN SupportChapter 16: Failover

www.nexuminc.com/training/bluecoat/bcwap

we mean security nexum training course...

Documents