11:18 PM
Maeltor
I'm feeling a bit proud this week. With very little time to study, I sat and passed the JNCIS-SEC test. This is Juniper's second level security products exam, focused mainly on the SRX security products. I used my knowledge gained from working in the field and the "fast track" study guides on the Juniper website here. They were very thorough. I borrowed a study guide from a friend who had taken the Juniper security course and compared the content.
While I'm sure the course (if taught by a knowledgeable instructor) provided better context and labs access, the "fast track" content was very comparable and is highly recommended for those who (like me) are already familiar with the concepts from years of experience with Juniper or other vendors' security products.
If you absolutely MUST have lab kit to work with, a few base model SRX100s will give you nearly all the necessary capability. You won't be able to test some of the more advanced UTM features with this model, as it isn't capable, so if you are the hands on type, this might be a problem. Higher end models are harder to come by for home lab gear, and even those will require licensing to use UTM so you'll probably just have to spend extra time in this section of the study materials. You've been warned. I'll admit I didn't do too well here.
There is a fair amount of questions which surrounds UTM, HA, and IpSec so focus a lot of mental energy in these sections. As for the NAT sections, a good portion of these come from looking at operational mode "show" commands and determining which type of NAT you are looking at (source, destination, static) and whether or not PAT is involved.
Overall, like most Juniper tests, its a healthy mixed balance between concepts, and real world operation, so approach it as such, and you'll do fine. Good luck!
Posts
