Day One: Deploying SRX Series Services Gateways

Find out what Junos can do running a security device. The SRX devices are super-charged firewalls fortified with routing and switching capabilities. So get ready because working on the SRX Series combines powerful Junos networking with a potent set of new security services. This book shows you how to get started: how to console to your SRX device, perform initial configuration, and deploy your new box in a matter of hours. There’s no theory, no workarounds, no chatty diversions. Let’s get going.

Sample Pages

Download Book

Day One books are a free download for our J-Net members*. If you’re not a J-Net member, create a user account now. It’s fast and there’s no commitment or spam. Once you’re a member you can come back and download any of the Day One books.

Download: J-Net Member
Download: Not a J-Net Member

* If you have an existing Juniper user account, you can use it to login to J-Net

About the Author(s)

Barny Sanchez is Consulting Engineer at Juniper Networks, specializing in Security Products and Solutions.

Author Q & A

What got you started on this book?

The main driver that got me started on this book was the amount of customer interactions I had where all they wanted was a seat down, 1 day, to receive my help getting them jump-started with their brand new SRX devices. Many of them were migrating from another vendor’s product, or even from Juniper’s ScreenOS devices, and they wanted a little hand holding to build confidence, get the basics and move on from there.

Who is this book for?

This is for someone brand new to SRX devices. Preferably for administrators with some config time in Junos CLI (although not mandatory). It is also best if the user reading this book has a security (firewall) background. This is because the book focuses in how to configure tasks, as opposed to covering the theory behind the technology. This is more of a hands-on aid, not a theory book.

After reading this book, what will the reader learn or know?

The reader will know how to do a basic configuration of a SRX involving NATing, internal/external authentication, logging, basic security policies, etc. The SRX is a feature-rich device and users need to start somewhere. This book provides that initial guidance to learn the basics and then do more complex stuff.

What do you recommend as the next item to read after this book? What are your plans for more?

For now I would suggest turning to the Tech Pubs documentation. Although a SRX O’Reilly book is on the works. As a technical editor for that upcoming book, I highly recommend that you buy the book when it comes out, and this will complement nicely what you will learn from reading my book.

What was your inspiration?

My primary motivation to start this book was to meet the need of my many customers who just needed to get jump-started with their brand new SRX devices. I am all about information exchange and collaboration. However getting my name more known in this field is also a motivating goal.

What’s your favorite bit/part in the book?

I really enjoyed writing every single chapter. However the external authentication/RADIUS integration was different, as it touches in other products and technologies, and this is something that makes people scratch their heads.

How hard was it to write? Tell us how and when you wrote it?

It was harder than I initially thought. This is because Day One authors have to zero-in into subjects disregarding a lot of the theory behind it. Sometimes doing this, separating the engineering mind from the writer one is a continuous challenge. Many times I wrote a couple of paragraphs, and then re-read them just to find out that they had a lot of complexity, so I had to delete and go at it again.

I wrote this booklet during weekends, when I was in flights, and some nights. I tried to keep my writing tasks separate from all my other commitments.

As always, managing the personal time, travel, college, and regular work commitments is the biggest challenge of all.

Did you create a test bed for the book? How much set up did it take?

Indeed! all the screenshots and examples came from my lab. I run this lab out of Westford, Massachusetts, and in there I have multiple SRXs of all the models that Juniper currently sells, along with many more devices and servers. I use this lab for configuration validations for customers, and to run demos and perform POCs (Proof of Concept). By the way, why Camlab? (Cambridge Lab). This lab was born in Cambridge Massachusetts, later on it was moved to the Westford office after the Cambridge office was shutdown. I had so many services and systems bound to "Camlab" that I resisted from renaming my entire lab.

Who tech reviewed your book?

Different parts of the book were reviewed by different folks. This was always a moving target, as I went back and forth correcting my text and examples.

Who would you like to thank?

In projects like this there is usually a lot of people involved so I would like to thank every single person that had a hand on it. Special thanks go out to Patrick Ames and Cathy Gadecki for the invitation to write and their ongoing support. Sameer Sharma for providing me with all the “toys” available in Camlab, and last but not least, my family who are my true inspiration for everything that I do and am in life.