Page 26 – RAYKA (are you a network engineer?)

1. Juniper SRX Series Devices and Features

By Majid Asadpoor July 12, 2022 Leave a comment

Juniper SRX series and security features are the topics which will be discussed in this section.
Juniper SRX devices are classified based on the location that will be used, like LAN, data center, branch offices and virtual environment.
Juniper SRX is primarily a firewall and therefore supports the features that are supported in firewall in any other vendor like traffic filtering, NAT, VPN and some new or next-generation features like user based filtering, application firewall and UTM features like antivirus and antispam.

Details

27. Juniper Monitor Traffic Command

By Majid Asadpoor July 9, 2022 Leave a comment

Juniper Monitor Traffic Command is another troubleshooting and analysis tool for capturing traffic, but only traffic to or from the Juniper device routing engine (RE) are captured. Transit traffic are not captured by the “monitor traffic” command.

Details

26. Junos Packet Capture Configuration Example

By Majid Asadpoor July 5, 2022 Leave a comment

Junos Packet Capture is an excellent utility for capturing real-time traffic over Juniper devices. It helps us analyze network traffic and is especially useful for network troubleshooting.
In this section, I will show you how to implement the packet capture feature in a Juniper SRX device.

Details

25. Juniper Unicast Reverse-Path-Forwarding

By Majid Asadpoor July 3, 2022 Leave a comment

Juniper Unicast Reverse-Path-Forwarding (unicast RPF) feature is used to prevent spoofing attacks in which intruder spoof the source IP address in a way to seem that it comes from a legitimate address and it is usually used in DoS attacks.

Details

24. Juniper Traffic Policing Configuration Example

By Majid Asadpoor June 30, 2022 Leave a comment

Juniper Traffic Policing is another application of Firewall Filter that allows you to rate limit the traffic instead of just accepting or dropping it.

Details

23. Juniper Firewall Filter Configuration Example

By Majid Asadpoor June 26, 2022 Leave a comment

Juniper firewall filter is a Junos security solution to filter or control traffic at the data plane as they enter or exit an interface. It is exactly the same as access control list in Cisco devices.
The firewall filter is stateless, so it differs from the stateful Juniper security policy which is stateful. In other words, in firewall filter each packet must be inspected individually to determine whether it is permitted to be transmitted or it must be filtered.

Details

22. Juniper Routing Policy Configuration Example

By Majid Asadpoor June 23, 2022 Leave a comment

Juniper routing policy configuration example helps us better understand what we discussed in theory in the previous section.
We will configure a simple routing policy scenario to advertise the default route over OSPF routing protocol with both prefix-list and route-filter.

Details

21. Junos Routing Policy Fundamental

By Majid Asadpoor June 21, 2022 Leave a comment

Junos routing policy allows us to allow, deny, or manipulate the routes when they are imported from a routing protocol to the routing table or exported from the routing table to a routing protocol.
This section discusses the concept of routing policy. In the next section, we configure a real routing policy in SRX devices.

Details

20. Juniper Routing Instance Configuration

By Majid Asadpoor June 18, 2022 2 Comments

Juniper Routing Instance has the same concept of VRF in Cisco routers, which allows us to use a single physical router as multiple logical routers.
All logical routers in control plane and data plane are completely separate, so it can be assumed that there are actually multiple physical routers. The only difference is that the management plane is shared between routing instances (logical routers).

Details

19. Juniper Dynamic Routing Fundamental

By Majid Asadpoor June 13, 2022 Leave a comment

Juniper Dynamic Routing enables network devices to learn and update routing information dynamically, which is very important and critical in large networks.
In this section, we will learn about the architecture of dynamic routing protocols and implement a simple OSPF routing protocol as an example in vSRX devices.

Details