O'Reilly logo

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Securing Enterprise LANs Using the Junos OS

Video Description

Scanning news feeds from virtually any international news source reveals a never ending stream of sophisticated outsider attacks on corporate networks. While these attacks dominate the headlines, there is another form of network attack that is just as sinister: The insider attack on the enterprise LAN. In this video series, enterprise network security expert Martin Brown shows you how to recognize insider attacks and how to protect against them within a Juniper Network EX Series switch environment.

In addition to receiving the benefit of Brown's vast experience in identifying and counteracting Level 2 and Level 3 insider attacks, the course offers the unique opportunity to gain command-line Junos OS security configuration experience using real life Juniper EX Series hardware.

  • Become aware of the sophisticated techniques insiders use to attack corporate LANs
  • Master the methods used in Juniper switched networks to mitigate internal security threats
  • Gain command-line Junos OS security configuration experience using real Juniper EX Series hardware
  • Understand Layer 2 (Data Link) and Layer 3 (Network) attack types and mitigation methods
  • Learn about security concepts such as storm control and directed broadcasts
  • Explore the ways to secure the control plane to protect device management
Juniper Networks Ambassador Martin Brown (CCNP, CCNA, JNCIS-ENT, JNCDA) is a 17+ year network security engineering professional working at a Tier 1 service provider. Martin is in constant contact with Juniper: Attending meetings, viewing presentations on their latest technologies, and going to NXTWORK summits. He is author of the O'Reilly title, Building Small Office Networks Using the Junos OS - Design and Build a VPN Connected Office Network using Juniper Devices.

Table of Contents

  1. Introduction
    1. Course Introduction 00:03:01
    2. About Me 00:01:39
    3. How To Access Your Working Files 00:01:15
  2. Getting Started
    1. Overview Of Juniper Ex Series Switches 00:04:35
    2. Why Internal Security Is Necessary 00:05:22
    3. Introduction To Our Lab Environment 00:07:28
  3. Layer 2
    1. Layer 2 Attacks Part - 1 00:08:27
    2. Layer 2 Attacks Part - 2 00:06:02
    3. Layer 2 Attacks Part - 3 00:04:52
    4. Persistent Mac Learning 00:04:50
    5. 802.1X Part - 1 00:06:44
    6. 802.1X Part - 2 00:04:17
    7. Mac Limiting 00:06:57
    8. Mac Move Limiting 00:06:15
    9. Storm Control 00:07:30
    10. VLAN Hoping Prevention 00:08:31
    11. Protecting The Spanning Tree Domain Part - 1 00:06:44
    12. Protecting The Spanning Tree Domain Part - 2 00:05:02
    13. Static Mac Address Secure Ports 00:03:32
    14. Troubleshooting Layer 2 Security 00:04:15
  4. Layer 3
    1. Types Of Layer 3 Attack 00:09:11
    2. Dynamic ARP Inspection Part - 1 00:07:04
    3. Dynamic ARP Inspection Part - 2 00:06:27
    4. Dynamic ARP Inspection Part - 3 And IP Source Guard 00:06:26
    5. Trusted DHCP Servers Part - 1 00:08:39
    6. Trusted DHCP Servers Part - 2 00:04:31
    7. Directed Broadcasts 00:06:37
    8. Proxy ARP 00:07:56
    9. Securing Routing Protocols Part - 1 00:08:23
    10. Securing Routing Protocols Part - 2 00:05:01
  5. Securing The Control Plane
    1. Control Plane Attacks 00:08:10
    2. Limiting Login Attempts 00:08:57
    3. Encrypting Session Data 00:07:10
    4. Firewall Filters Part - 1 00:09:18
    5. Firewall Filters Part - 2 00:08:13
    6. Firewall Filters Part - 3 00:05:34
    7. Policers And Rate Limiting Part - 1 00:08:04
    8. Policers And Rate Limiting Part - 2 00:04:09
  6. Wrap-Up
    1. Where To Find More 00:02:25
    2. Conclusion 00:05:59