Check Point Security Administration and Security Engineering Training Bundle (R80.10 GAIA)

Print Friendly, PDF & Email
Introduction

Check Point Security Administration and Security Engineering Training Bundle (R80.10 GAIA) Course with Hands-on Labs

Learn how to configure Check Point Security Gateway and Management Software Blades, as well as how to build, modify, deploy, and troubleshoot Check Point Security systems on the GAiA OS.

In this five-day bundled Check Point Security Administration and Security Engineering Training Bundle (R80.10 GAIA) course, you will learn the basic concepts and skills necessary to configure Check Point Security Gateway and Management Software Blades, as well as how to effectively build, modify, deploy, and troubleshoot Check Point Security systems on the GAiA OS.

With this Check Point Security Administration and Security Engineering Training Bundle (R80.10 GAIA), you will configure a Security Policy and learn about managing and monitoring a secure network. In addition, you will learn how to upgrade and configure a Security Gateway and implement a virtual private network (VPN). We will examine firewall processes and as well as user and kernel processing and stateful inspections. Labs include configuring security gateways, implementing VPNs, and performing advanced troubleshooting tasks on the firewall.

Duration: 5 days

Check Point Security Administration & Security Engineering Training Bundle (R80) Related Courses

Customize It

• If you are familiar with some aspects of this Check Point Security Administration and Security Engineering Training Bundle (R80.10 GAIA) course, we can omit or shorten their discussion.
• We can adjust the emphasis placed on the various topics or build the Check Point Security Administration and Security Engineering Training Bundle (R80.10 GAIA) course around the mix of technologies of interest to you (including technologies other than those included in this outline).
• If your background is nontechnical, we can exclude the more technical topics, include the topics that may be of special interest to you (e.g., as a manager or policy-maker), and present the Check Point Security Administration and Security Engineering Training Bundle (R80.10 GAIA) course in manner understandable to lay audiences.

Audience / Target Group

The target audience for this Check Point Security Administration and Security Engineering Training Bundle course is defined here:

Technical persons who support, install, deploy or administer Check Point Software Blades should attend this course.

This could include the following:

• System Administrators
• Support Analysts
• Security Managers
• Network Engineers
• Anyone seeking CCSA certification

Prerequisites:

The knowledge and skills that a learner must have before attending this Check Point Security Administration and Security Engineering Training Bundle course are:

• General knowledge of TCP/IP
• Working knowledge of Windows, UNIX, network technology, and the internet
• Understanding Networking Fundamentals
• TCP/IP Networking

Check Point Security Administration and Security Engineering Training Bundle - Objectives:

After completing this Check Point Security Administration & Security Engineering Training Bundle (R80) course, attendees will be able to:

• Advanced and in-depth explanation of Check Point firewall technology
• Key tips and techniques for troubleshooting Check Point firewall technology
• Advanced upgrading concepts and practices
• Clustering firewall, management concepts and practices
• Software acceleration features
• Advanced VPN concepts and implementations
• Reporting tools, deployment options and features

Certification:

• CCSA - Check Point Certified Security Administrator R80.10
• CCSE - Check Point Certified Security Expert R80.10

Check Point Security Administration and Security Engineering Training Bundle - Course Content:

• Describe Check Point's unified approach to network management, and the key elements of it
• Design a distributed environment
• Install the Security Gateway in a distributed environment
• Perform a backup and restore the current Gateway installation from the command line
• Identify critical files needed to purge or backup, import and export users and groups and add or delete administrators from the command line
• Deploy Gateways using the GAiA web interface Create and configure network, host and gateway objects
• Verify SIC establishment between the Security Management Server and the Gateway using SmartDashboard
• Create a basic Rule Base in SmartDashboard that includes permissions for administrative users, external services, and LAN outbound use
• Configure NAT rules on Web and Gateway servers
• Evaluate existing policies and optimize the rules based on current corporate requirements
• Maintain the Security Management Server with scheduled backups and policy versions to ensure seamless upgrades with minimal downtime
• Use Queries in SmartView Tracker to monitor IPS and common network traffic and trouble-shoot events using packet data
• Use packet data to generate reports, troubleshoot system and security issues, and ensure network functionality
• Using SmartView Monitor, configure alerts and traffic counters, view a Gateway's status, monitor suspicious activity rules, analyze tunnel activity and monitor remote user access
• Monitor remote Gateways using SmartUpdate to evaluate the need for upgrades, new installations, and license modifications
• Use SmartUpdate to apply upgrade packages to single or multiple VPN-1 Gateways
• Upgrade and attach product licenses using SmartUpdate
• Centrally manage users to ensure only authenticated users securely access the corporate network either locally or remotely
• Manage users to access the corporate LAN by using external databases
• Use Identity Awareness to provide granular level access to network resources
• Acquire user information used by the Security Gateway to control access
• Define Access Roles for use in an Identity Awareness rule
• Implement Identity Awareness in the Firewall Rule Base
• Configure a pre-shared secret site-to-site VPN with partner sites
• Configure permanent tunnels for remote access to corporate resources
• Configure VPN tunnel sharing, given the difference between host-based, subunit-based and gateway-based tunnels
• Perform a backup of a Security Gateway and Management Server using your understanding of the differences between backups, snapshots and update-exports
• Upgrade and troubleshoot a Management Server using a database migration
• Upgrade and troubleshoot a clustered Security Gateway deployment
• Use knowledge of Security Gateway infrastructures, chain modules, packet flow and kernel tables to perform debugs on firewall processes
• Build, test, and troubleshoot a ClusterXL Load Sharing deployment on an enterprise network
• Build, test, and troubleshoot a ClusterXL High Availability deployment on an enterprise network
• Build, test, and troubleshoot a management HA deployment on an enterprise network
• Configure, maintain, and troubleshoot SecureXL and CoreXL acceleration solutions on the corporate network traffic to ensure noted performance enhancement
• Using an external user database such as LDAP, configure User Directory to incorporate user information for authentication services on the network
• Manage internal and external user access to resources for Remote Access or across a VPN
• Troubleshoot user access issues found when implementing Identity Awareness
• Troubleshoot a site-to-site or certificate-based VPN on a corporate gateway using IKE View, VPN log files and command-line debug tools
• Optimize VPN performance and availability by using Link Selection and Multiple Entry Point solutions
• Manage and test corporate VPN tunnels to allow for greater monitoring and scalability with multiple tunnels defined in a community including other VPN providers
• Create events or use existing event definitions to generate reports on specific network traffic using SmartReporter and SmartEvent to provide industry compliance information to management
• Troubleshoot report generation given command-line tools and debug-file information

Labs:

Lab 1: Distributed Installations
Lab 2: Stand-alone Security Gateway Installations
Lab 3: Common Tools
Lab 4: Building a Security Policy
Lab 5: Configure the DMZ
Lab 6: Configure NAT
Lab 7: Monitor with SmartView Tracker
Lab 8: Client Authentication
Lab 9: Identity Awareness
Lab 10: Site-to-Site VPN between Corporate and Branch Office
Lab 11: Upgrade to Check Point R77
Lab 12: Core CLI Elements of Firewall Administration
Lab 13: Migrate to a Clustering Solution
Lab 14: Configure SmartDashboard to Interface with Active Directory
Lab 15: Configure Site-to-Site VPNS with Third-Party Certificates
Lab 16: Remote Access with Endpoint Security VPN
Lab 17: SmartEvent and SmartReporter

Request More Information

Time Frame: 0-3 Months4-12 Months

No Comments Yet.

Leave a comment

0