EncartaLabs

Accelerated Check Point - CCSA and CCSE

( Duration: 5 Days )

The Accelerated Check Point - CCSA and CCSE Training course combines the complete three day Administrator and complete three day Expert course into one five day training event.

By attending Accelerated Check Point - CCSA and CCSE workshop, Participants will learn to:

  • Describe Check Point’s unified approach to network management, and the key elements of it
  • Design a distributed environment
  • Install the Security Gateway version in a distributed environment
  • Perform a backup and restore the current Gateway installation from the command line
  • Identify critical files needed to purge or backup, import and export users and groups and add or delete administrators from the command line
  • Deploy Gateways using sysconfig and cpconfig from the Gateway command line
  • Create and configure network, host and gateway objects
  • Verify SIC establishment between the Security Management Server and the Gateway using SmartDashboard
  • Create a basic Rule Base in SmartDashboard that includes permissions for administrative users, external services, and LAN outbound use
  • Configure NAT rules on Web and Gateway servers
  • Evaluate existing policies and optimize the rules based on current corporate requirements
  • Maintain the Security Management Server with scheduled backups and policy versions to ensure seamless upgrades with minimal downtime
  • Use Queries in SmartView Tracker to monitor IPS and common network traffic and trouble-shoot events using packet data
  • Use packet data to generate reports, trouble-shoot system and security issues, and ensure network functionality
  • Use SmartView Monitor, configure alerts and traffic counters, view a Gateway’s status, monitor suspicious activity rules, analyze tunnel activity and monitor remote user access
  • Monitor remote Gateways using SmartUpdate to evaluate the need for upgrades, new installations, and license modifications
  • Use SmartUpdate to apply upgrade packages to single or multiple VPN-1 Gateways
  • Upgrade and attach product licenses using SmartUpdate
  • Centrally manage users to ensure only authenticated users securely access the corporate network either locally or remotely
  • Manage users to access the corporate LAN by using external databases
  • Use Identity Awareness to provide granular level access to network resources
  • Acquire user information used by the Security Gateway to control access
  • Define Access Roles for use in an Identity Awareness rule
  • Implement Identity Awareness in the Firewall Rule Base
  • Configure a pre-shared secret site-to-site VPN with partner sites
  • Configure permanent tunnels for remote access to corporate resources
  • Configure VPN tunnel sharing, given the difference between host-based, subunit-based and gateway-based tunnels
  • Perform debugs on firewall processes using your knowledge of Security Gateway infrastructures including chain modules, packet flow and kernel tables
  • Perform a backup of a Security Gateway and Management Server using the differences between backups, snapshots and upgrade-exports
  • Upgrade and troubleshoot a Management Server using a database migration
  • Upgrade and troubleshoot a clustered Security Gateway deployment
  • Configure SmartDirectory to incorporate user information for authentication services on the network
  • Manage internal and external user access to resources for Remote Access of across a VPN
  • Troubleshoot user access issues found when implementing Identity Awareness
  • Build, test and troubleshoot a ClusterXL Load Sharing deployment on an enterprise network
  • Build, test and troubleshoot a ClusterXL High Availability deployment on an enterprise network
  • Build, test and troubleshoot a management HA deployment on an enterprise network
  • Configure, maintain and troubleshoot SecureXL and CoreXL acceleration solutions on the corporate network traffic to ensure noted performance enhancement on the firewall
  • Troubleshoot a site-site or certificate-based VPN on a corporate gateway using IKEView, VPN log files and command-line debug tools
  • Optimize VPN performance and availability by using Link Selection and Multiple Entry Point solutions
  • Manage and test corporate VPN tunnels to allow for greater monitoring and scalability with multiple tunnels defined in a community including other VPN providers
  • Create events or use existing event definitions to generate reports on specific network traffic using SmartReporting and SmartEvent in order to provide industry compliance information to management
  • Use your knowledge of SmartEvent architecture and module communication, troubleshoot report generation given command-line tools and debug file information

Persons attending this workshop should have general knowledge of TCP/IP, and working knowledge of Windows, UNIX, network technology and the internet.

COURSE AGENDA

1

Introduction to Check Point Technology

2

Deployment Platforms

3

Introduction to the Security Policy

4

Monitoring Traffic and Connections

5

Using SmartUpdate

6

User Management and Authentication

7

Identity Awareness

8

Introduction to Check Point VPNs

9

Advanced Firewall

10

Advanced Upgrading

11

Advanced User Management

12

Advanced Clustering and Acceleration

13

Advanced IPsec VPN and Remote Access

14

Auditing and Reporting

15

User Mode Debug

16

Labs

  • Upgrading
  • Migrating to a clustering solution
  • VPNs with 3rd-party certificates
  • Active Directory configuration
  • Remote Access with Endpoint Security VPN
  • SmartEvent and SmartReporter

Encarta Labs Advantage

  • One Stop Corporate Training Solution Providers for over 3,500 Modules on a variety of subjects
  • All courses are delivered by Industry Veterans
  • Get jumpstarted from newbie to production ready in a matter of few days
  • Trained more than 20,000 corporate candidates across india and abroad
  • All our trainings are conducted in workshop mode with more focus on hands On

View our other course offerings by visiting www.encartalabs.com/course-catalogue

Contact us for delivering this course as a public/open-house workshop for a group of 10+ candidates at our venue

Top