Check Point - CCMSE

The Check Point - CCMSE NGX training course offers in depth training on deploying and managing Check Point Provider-1 NGX. Participants will learn how to configure Security Policies for multiple remote Security Gateways using the Multi-Domain GUI (MDG), and learn about managing multiple firewall-secured environments using the Multi-Domain Server (MDS). Participants will also learn how to perform advanced configuration tasks, such as establishing redundant Multi-Domain Servers for High Availability management functions and migrating existing servers into the Provider-1 database.

The Check Point - CCMSE NGX Plus VSX training course will provide participants with an understanding of key concepts and skills necessary to effectively configure and deploy VPN-1 VSX, to manage multiple customer sites. This course provides hands-on training for installing VSX on SecurePlatform. Participants will learn to configure Security Policies for multiple remote firewalls, using the Provider-1 NGX Multi-Domain GUI (MDG). They will also learn about managing multiple firewall-secured environments, and using Virtual Systems and Virtual Routers in a VSX configuration. Participants will understand how to perform advanced configuration tasks, such as establishing redundant VSX Gateways for High Availability functions.

System administrators, security managers, or network engineers.


Check Point - CCMSE NGX
(Duration : 2 Days)


Provider-1 Overview and Deployment:

  • Example MSP Deployment
  • Multi-Domain GUI and Server
  • Types of MDs
  • Communication between CMA and Security Gateway
  • Multi-Domain Log Modules
  • CheckPoint Management Infrastructure
  • OPSEC Support
  • Provider-1 Communication
  • Security Gateway Deployment
  • Point-of-Presence Provider-1 NGX Configuration
  • NOC Security
  • Log Management
  • Benefits of Provider-1 NGX

MDS Installation and Configuration:

  • Choosing the Type of MDS
  • Licensing Provider-1/SiteManager-1
  • License Details and Upgrading Licenses
  • Provider-1/Site Manager System Requirements
  • Secure Platform Appliances
  • IP Allocation and Routing
  • Command Line and File Structure
  • MDS and CMA Command Line Options
  • Overview of the Multi-Domain GUI
  • Establishing Communication with Remote Security Gateways
  • Multi-Domain GUI Functionality
  • Provider-1 Administrative Modes
  • Customer Contents Mode
  • Security Policies Modes
  • SmartUpdate View
  • SmartUpdate Toolbar Buttons
  • High Availability View
  • Customer Contents Mode
  • MDS Contents Mode
  • High Availability Toolbar Buttons
  • Connected Administrators Views
  • Connected Administrators Toolbar Buttons

NOC Firewall Installation and Configuration:

  • Network Operations Center Security
  • MDG Communication
  • Enhancing NOC Security
  • Rule Base Configurations

Provider-1 Logging Features:

  • Log Management
  • Customer Log Module
  • Multi-Domain Log Module System
  • MLM Deployment
  • Using Eventia Reporter

Global Policies:

  • Global Policy Rules
  • Global Objects and Services
  • Global Policy Database
  • Customer History
  • Global SmartDefense
  • Configuring SmartDefense in Global SmartDashboard
  • Subscribing an Customer to the Global SmartDefense Service
  • Modifying SmartDefense from the SmartDashboard of a CMA
  • Creating Global Objects and Rules
  • Configuring a Global VPN
  • Global VPN Communities

Advanced MDS Function:

  • Migrating Existing Management Servers into Provider-1
  • MDS High Availability Features
  • Methodology of MDS Synchronization
  • MDS Synchronization
  • SmartCenter Server HA of a CMA
  • MDS Clock Synchronization
  • Backing Up a CMA
  • MDS Archiving Utilities
  • Archiving Scripts
  • Restoring the MDS
  • Using the mds_restore command
Check Point - CCMSE NGX Plus VSX
(Duration : 3 Days)


VPN-1 VSX Architecture and Deployment:

  • VSX Overview
  • VSX Building Blocks
  • Managing the VSX Gateway
  • Clustering in VSX
  • IP Address Allocation for VSX Implementation
  • VSX Packet Flow and Routing
  • Routing from Virtual System to Virtual System
  • Overlapping IP Address-Space Support

VSX Management Server Installation and Configuration:

  • VSX Management
  • SmartCenter Management Model
  • Provider-1 Management Model
  • Check Point Licenses
  • Upgrading Previous Deployments
  • VSX NGX System Requirements
  • Installing and Configuring VSX
  • Installing Provider-1 NGX for VSX on a Secure Platform Machine
  • Installing the Provider-1 NGX MDG on Windows

VSX Gateway Installation and Configuration:

  • VSX Gateway's Virtual Topology
  • Management of Virtual Devices
  • Installing the VSX Gateway on SecurePlatform
  • Unique State-Table Configuration
  • Security Policy Separation
  • Unique Configuration Parameters
  • Management Virtual System
  • VSX Interface Support
  • External Virtual Routers
  • Management Server Communication
  • Provisioning and Network-Configuration Channel
  • System Virtualization
  • Advanced Routing Configurations

VSX and Layer2 Communications:

  • Virtual Switch
  • Virtual Switch in a Cluster
  • Virtual Switch and Dynamic Routing using OSPF

VSX and VLAN Tagging:

  • VLAN Technology
  • VLAN Tagging
  • VLAN Tag Composition
  • VLAN Trunking and Membership
  • Implicit/Explicit VLAN Membership
  • VLAN Configuration in a VSX Environment
  • Configuring Interfaces to Allow VLAN-Tagged Traffic
  • Associating VLAN Traffic with specific Virtual Systems

Deploying Virtual Systems in a Bridged Configuration:

  • Virtual System in Bridge Mode
  • Security for Virtual Systems in Bridge Mode
  • Clustering Virtual Systems in Bridge Mode (ClusterXL Only)

Configuring VSX Gateway High Availability:

  • VSX Gateway High Availability
  • NGX and VSX Clustering
  • VSX state Synchronization
  • Synchronization Network
  • Synchronization Modes
  • Deploying Multiple VSX Gateways in an HA Environment
  • Creating VSX Gateway and EVR Cluster Objects
  • Completing VSX System Configuration
  • Configuring Customer Clusters

Encarta Labs Advantage

  • One Stop Corporate Training Solution Providers for over 3,500 Modules on a variety of subjects
  • All courses are delivered by Industry Veterans
  • Get jumpstarted from newbie to production ready in a matter of few days
  • Trained more than 20,000 corporate candidates across india and abroad
  • All our trainings are conducted in workshop mode with more focus on hands On

View our other course offerings by visiting www.encartalabs.com/course-catalogue

Contact us for delivering this course as a public/open-house workshop for a group of 10+ candidates at our venue