EncartaLabs

Check Point - CCMSE

The Check Point - CCMSE NGX training course offers in depth training on deploying and managing Check Point Provider-1 NGX. Participants will learn how to configure Security Policies for multiple remote Security Gateways using the Multi-Domain GUI (MDG), and learn about managing multiple firewall-secured environments using the Multi-Domain Server (MDS). Participants will also learn how to perform advanced configuration tasks, such as establishing redundant Multi-Domain Servers for High Availability management functions and migrating existing servers into the Provider-1 database.

The Check Point - CCMSE NGX Plus VSX training course will provide participants with an understanding of key concepts and skills necessary to effectively configure and deploy VPN-1 VSX, to manage multiple customer sites. This course provides hands-on training for installing VSX on SecurePlatform. Participants will learn to configure Security Policies for multiple remote firewalls, using the Provider-1 NGX Multi-Domain GUI (MDG). They will also learn about managing multiple firewall-secured environments, and using Virtual Systems and Virtual Routers in a VSX configuration. Participants will understand how to perform advanced configuration tasks, such as establishing redundant VSX Gateways for High Availability functions.

System administrators, security managers, or network engineers.

COURSE AGENDA

Check Point - CCMSE NGX
(Duration : 2 Days)

1

Provider-1 Overview and Deployment:

  • Example MSP Deployment
  • Multi-Domain GUI and Server
  • Types of MDs
  • Communication between CMA and Security Gateway
  • Multi-Domain Log Modules
  • CheckPoint Management Infrastructure
  • OPSEC Support
  • Provider-1 Communication
  • Security Gateway Deployment
  • Point-of-Presence Provider-1 NGX Configuration
  • NOC Security
  • Log Management
  • Benefits of Provider-1 NGX
2

MDS Installation and Configuration:

  • Choosing the Type of MDS
  • Licensing Provider-1/SiteManager-1
  • License Details and Upgrading Licenses
  • Provider-1/Site Manager System Requirements
  • Secure Platform Appliances
  • IP Allocation and Routing
  • Command Line and File Structure
  • MDS and CMA Command Line Options
  • Overview of the Multi-Domain GUI
  • Establishing Communication with Remote Security Gateways
  • Multi-Domain GUI Functionality
  • Provider-1 Administrative Modes
  • Customer Contents Mode
  • Security Policies Modes
  • SmartUpdate View
  • SmartUpdate Toolbar Buttons
  • High Availability View
  • Customer Contents Mode
  • MDS Contents Mode
  • High Availability Toolbar Buttons
  • Connected Administrators Views
  • Connected Administrators Toolbar Buttons
3

NOC Firewall Installation and Configuration:

  • Network Operations Center Security
  • MDG Communication
  • Enhancing NOC Security
  • Rule Base Configurations
4

Provider-1 Logging Features:

  • Log Management
  • Customer Log Module
  • Multi-Domain Log Module System
  • MLM Deployment
  • Using Eventia Reporter
5

Global Policies:

  • Global Policy Rules
  • Global Objects and Services
  • Global Policy Database
  • Customer History
  • Global SmartDefense
  • Configuring SmartDefense in Global SmartDashboard
  • Subscribing an Customer to the Global SmartDefense Service
  • Modifying SmartDefense from the SmartDashboard of a CMA
  • Creating Global Objects and Rules
  • Configuring a Global VPN
  • Global VPN Communities
6

Advanced MDS Function:

  • Migrating Existing Management Servers into Provider-1
  • MDS High Availability Features
  • Methodology of MDS Synchronization
  • MDS Synchronization
  • SmartCenter Server HA of a CMA
  • MDS Clock Synchronization
  • Backing Up a CMA
  • MDS Archiving Utilities
  • Archiving Scripts
  • Restoring the MDS
  • Using the mds_restore command
Check Point - CCMSE NGX Plus VSX
(Duration : 3 Days)

1

VPN-1 VSX Architecture and Deployment:

  • VSX Overview
  • VSX Building Blocks
  • Managing the VSX Gateway
  • Clustering in VSX
  • IP Address Allocation for VSX Implementation
  • VSX Packet Flow and Routing
  • Routing from Virtual System to Virtual System
  • Overlapping IP Address-Space Support
2

VSX Management Server Installation and Configuration:

  • VSX Management
  • SmartCenter Management Model
  • Provider-1 Management Model
  • Check Point Licenses
  • Upgrading Previous Deployments
  • VSX NGX System Requirements
  • Installing and Configuring VSX
  • Installing Provider-1 NGX for VSX on a Secure Platform Machine
  • Installing the Provider-1 NGX MDG on Windows
3

VSX Gateway Installation and Configuration:

  • VSX Gateway's Virtual Topology
  • Management of Virtual Devices
  • Installing the VSX Gateway on SecurePlatform
  • Unique State-Table Configuration
  • Security Policy Separation
  • Unique Configuration Parameters
  • Management Virtual System
  • VSX Interface Support
  • External Virtual Routers
  • Management Server Communication
  • Provisioning and Network-Configuration Channel
  • System Virtualization
  • Advanced Routing Configurations
4

VSX and Layer2 Communications:

  • Virtual Switch
  • Virtual Switch in a Cluster
  • Virtual Switch and Dynamic Routing using OSPF
5

VSX and VLAN Tagging:

  • VLAN Technology
  • VLAN Tagging
  • VLAN Tag Composition
  • VLAN Trunking and Membership
  • Implicit/Explicit VLAN Membership
  • VLAN Configuration in a VSX Environment
  • Configuring Interfaces to Allow VLAN-Tagged Traffic
  • Associating VLAN Traffic with specific Virtual Systems
6

Deploying Virtual Systems in a Bridged Configuration:

  • Virtual System in Bridge Mode
  • Security for Virtual Systems in Bridge Mode
  • Clustering Virtual Systems in Bridge Mode (ClusterXL Only)
7

Configuring VSX Gateway High Availability:

  • VSX Gateway High Availability
  • NGX and VSX Clustering
  • VSX state Synchronization
  • Synchronization Network
  • Synchronization Modes
  • Deploying Multiple VSX Gateways in an HA Environment
  • Creating VSX Gateway and EVR Cluster Objects
  • Completing VSX System Configuration
  • Configuring Customer Clusters

Encarta Labs Advantage

  • One Stop Corporate Training Solution Providers for over 3,500 Modules on a variety of subjects
  • All courses are delivered by Industry Veterans
  • Get jumpstarted from newbie to production ready in a matter of few days
  • Trained more than 20,000 corporate candidates across india and abroad
  • All our trainings are conducted in workshop mode with more focus on hands On

View our other course offerings by visiting www.encartalabs.com/course-catalogue

Contact us for delivering this course as a public/open-house workshop for a group of 10+ candidates at our venue

Top