COURSE DESCRIPTION
1
Security Administration R77
Validate your skills on the GAiA operating system
Check Point Security Administration R77 provides an understanding of the basic concepts and skills necessary to configure Check Point Security Gateway and Management Software Blades. During this course you will configure a Security Policy and learn about managing and monitoring a secure network, upgrading and configuring a Security Gateway and implementing a virtual private network.
Course Design
Technical persons who support, install, deploy or administer Check Point Software Blades should attend this course. This course include the following:
System Administrators Support Analysts Security Managers Network Engineers
Anyone seeking CCSA certification
Prerequisites
Persons attending this course should have general knowledge of TCP/IP, and working knowledge of Windows, UNIX, network technology and the internet.
Instructional Method
This course is available in either classroom or self-paced online formats, and includes access to a live lab environment, as well as demonstrations and the practical application of concepts through hands-on exercises.
Course Length
3 days
Certification Information
This course helps prepare for CCSA exam #156-215.77 available at VUE test centers www.vue.com/checkpoint. It contains 90 multiple-choice, scenario-based questions. A passing score is 70% or higher. The exam is based on 80% course materials and 20% hands-on experience with Check Point products. Students should have at least 6 months experience with Check Point products before challenging the exam.
Course Topics
Introduction to Check Point Technology Deployment Platforms
Introduction to the Security Policy Monitoring Traffic and Connections Network Address Translation Using SmartUpdate
COURSE DESCRIPTION
2 Identity Awareness
Introduction to Check Point VPNs
Course Objectives Include
Describe Check Point’s unified approach to network management, and the key elements of it Design a distributed environment
Install the Security Gateway in a distributed environment
Perform a backup and restore the current Gateway installation from the command line
Identify critical files needed to purge or backup, import and export users and groups and add or delete administrators from the command line
Deploy Gateways using the Gaia web interface
Create and configure network, host and gateway objects
Verify SIC establishment between the Security Management Server and the Gateway using SmartDashboard Create a basic Rule Base in SmartDashboard that includes permissions for administrative users, external services,
and LAN outbound use
Configure NAT rules on Web and Gateway servers
Evaluate existing policies and optimize the rules based on current corporate requirements
Maintain the Security Management Server with scheduled backups and policy versions to ensure seamless upgrades with minimal downtime
Use Queries in SmartView Tracker to monitor IPS and common network traffic and trouble¬shoot events using packet data
Use packet data to generate reports, trouble¬shoot system and security issues, and ensure network functionality Using SmartView Monitor, configure alerts and traffic counters, view a Gateway’s status,monitor suspicious
activity rules, analyze tunnel activity and monitor remote user access
Monitor remote Gateways using SmartUpdate to evaluate the need for upgrades, new installations, and license modifications
Use SmartUpdate to apply upgrade packages to single or multiple VPN-1 Gateways Upgrade and attach product licenses using SmartUpdate
Centrally manage users to ensure only authenticated users securely access the corporate network either locally or remotely
Manage users to access the corporate LAN by using external databases Use Identity Awareness to provide granular level access to network resources Acquire user information used by the Security Gateway to control access Define Access Roles for use in an Identity Awareness rule
Implement Identity Awareness in the Firewall Rule Base Configure a pre-shared secret site-to-site VPN with partner sites Configure permanent tunnels for remote access to corporate resources
Configure VPN tunnel sharing, given the difference between host-based, subunit-based and gateway-based tunnels
Lab Exercises Include
Distributed Installations
COURSE DESCRIPTION
3 Common Tools
Building a Security Policy Configure the DMZ Configure NAT
Monitor with SmartView Tracker Client Authentication
Identity Awareness
COURSE DESCRIPTION
4
Check Point Secure Web Gateway
2-day course teaches how Check Point's Secure Web Gateway enables safe use of the Web and applications with real-time multi-layered protection that blocks access to malicious malware, phishing and dangerous apps by constantly updating URLs and antivirus signatures from our global network of security intelligence sensors.
Course Design
This course is designed for customers and partners who want to add a secure web gateway solution to their security strategy.
This could include the following: System Administrators Support Analysts Network Engineer
Prerequisites
Successful completion of this course depends on knowledge of multiple disciplines related to network-security activities including UNIX and Windows operating systems, Certificate management, system administration, security administration and networking (TCP/IP).
Instructional Method
This course is available in either classroom or self-paced online formats, and includes access to a live lab environment, as well as demonstrations and the practical application of concepts through hands-on exercises.
Course Length
2 days
Learn how to
Identify and block malware
Block access to dangerous websites
Control access to applications and websites by person Apply Intrusion Prevention
Investigate App Control and URL Filtering security events Define advanced security policy configurations
How You Will Benefit:
Protect your network from threats on the Web Develop a corporate web and application profile
COURSE DESCRIPTION
5
Course Topics
How to leverage the ThreatCloud for global security intelligence How to identify and block malware
How to block dangerous websites
How to apply granular control of applications Why IPS is essential to a secure web
How to get 360 degree visibility of your security profile and events The value of a Unified Security Policy
Course Objectives Include
Explain the best practices for IT Security Describe how ThreatCloud fights cybercrime Apply Antivirus
Explain how URL Filtering categorizes websites
Discuss how Application Control enables granular control of Web applications and social networking widgets Apply proactive intrusion prevention
Detect infected hosts, identify bot outbreaks, block bot communication
Describe how Identity Awareness provides granular visibility of users, groups and machines Describe how SmartEvent enables you to view users’ online behavior and applications Explain how Captive Portal authenticates users
Describe the different between Terminal Server Identity Agent and Endpoint Identity Agent Deploy Application Control & URL Filtering
Configure the Application Control & URL Filtering Policy Test Basic Application Control & URL Filtering Functionality
Deploy SmartEvent Monitor Application Control and URL Filtering Activity Configure Application Control & URL Filtering Tracking Mechanisms Generate Traffic that Triggers Application Control & URL Filtering
Customize SmartEvent to Present Application Control & URL Filtering Events Investigate Application Control & URL Filtering Events
Identify Application Control & URL Filtering Activity
Lab Exercises Include
Configuring User Directory Integration
Protecting your network from threats on the web Developing a corporate web and application profile
Defining User Exceptions and Advanced Policy Configurations Handling HTTPS Inspection
COURSE DESCRIPTION
6
