The itself not so secure JIPS-Course

Last week I attended the 2-days JIPS (Junos Intrusion Prevention Systems), which will soon be part of the shiny new 5-day AJSEC (hopefully way way way better)…

Anyways – currently this was an official Juniper course so for the preparation for my JNCIE-SEC I thought, that it might be wise to attend it in order to prepare myself for some IDS / IPS – baaaaaad mistake and wasted time…

I like to share the following picture with you:

Yes – we have 2017 – and yes, the official course includes:

Windows Server 2003 (at least someone patched it to SP2…)
Wireshark 1.0.8 (from – well – I honestly don’t even remember when this came out…)
CentOS 5.4 (from 2009!!!)
NSM2009.1 r1 (Jesus Crist I thought this was already buried 7 years ago…)
JunOS 12.1R2.9 (Well, I have seen 11.1 in the field, so…)

Guys – 2017 – for a freakin security¬†course you should/could have done way better…
I suggest for the new course you should look for:

Windows Server 2016
Wireshark 2.2.6
CentOS 7.3
JunOS Space Security Director 16.2
JunOS 12.1X46-D65 or even better instead of SRX240-H (which is EoL by the way), use the new SRX340 with 15.1X49-D75 or the vSRX…

I am very disappointed and this was beyond a doubt the worst course I ever had to attend. Don’t get me wrong – the (old) AJSEC was great – very interesting stuff and somewhat usable for up-to-date SRXes. But the JIPS – even sitting inside the hotelroom and looking out of the window would have told me about security more than this. Now I will have to recreate myself some IDP-Patterns and hopefully the exam won’t have much to do with it.

If you want more Infos – well – you know how to reach me…

In my opinion this course should have been EoL in 2012 at latest or someone should have upgraded it properly to show new IDP techniques, patterns and maybe more about finding ransomware-patterns.

Of course I will not blackmail the Training-Partner – because he got the Lab straight from Juniper.

4 thoughts on “The itself not so secure JIPS-Course

  1. alexander marhold

    Unfortunately the new AJSEC course only contains an Introduction to IPS (from the old JSEC course) and is therefore NOT a usable successor for the old JIPS course.
    Yes the old JIPS course is or was rather old, but quite detailed on what you can do with IPS. Now there is NO possibility from Juniper to learn some advanced IPS things anymore.
    Juniper Trainer at fastlane germany

    1. christianscholz Post author

      Hi Alexander,
      thanks for commenting on this.
      It’s really sad that Juniper decides to “ignore” the IPS capabilities.
      In the JNCIE-SEC Exam I definitely need to use them so I had to google a lot and test a lot to see how it actually works.


Leave a Reply

Your email address will not be published. Required fields are marked *

Captcha * Time limit is exhausted. Please reload CAPTCHA.