Training offering

Check Point Security Administrator R75

Information

Price £1,795 before tax
Length: 3 Days
Lunch : Included
Courseware : Included
Course code: CKT_CCSA75

Session dates

See sessions for other countries

Description

This course is currently only available on-demand.

Delegates looking to attend the CCSA course are recommended to attend the
http://edu.arrowecs.eu/uk/trainings/open/check-point-certified-security-administration-2013--r76-/395602/training_sheet.html training course. Please call for more details.

Check Point Security Administrator provides an understanding of the basic concepts and skills necessary to configure Check Point Security Gateway and Management Software Blades. During this course you will configure a Security Policy and learn about managing and monitoring a secure network. In addition, you will upgrade and configure a Security Gateway to implement a virtual private network for both internal and external, remote users.

Course Topics:

• Introduction to Check Point Technology
• Deployment Platforms
• Introduction to the Security Policy
• Monitoring Traffic and Connections
• Using SmartUpdate
• User Management and Authentication
• Identity Awareness
• Introduction to Check Point VPNs

Objectives

• Describe Check Point’s unified approach to network management, and the key elements of it
• Design a distributed environment
• Install the Security Gateway version R75 in a distributed environment
• Perform a backup and restore the current Gateway installation from the command line
• Identify critical files needed to purge or backup, import and export users and groups and add or delete administrators from the command line
• Deploy Gateways using sysconfig and cpconfig from the Gateway command line
• Create and configure network, host and gateway objects
• Verify SIC establishment between the Security Management Server and the Gateway using SmartDashboard
• Create a basic Rule Base in SmartDashboard that includes permissions for administrative users, external services, and LAN
outbound use
• Configure NAT rules on Web and Gateway servers
• Evaluate existing policies and optimize the rules based on current corporate requirements
• Maintain the Security Management Server with scheduled backups and policy versions to ensure seamless upgrades with minimal downtime
• Use Queries in SmartView Tracker to monitor IPS and common network traffic and troubleshoot events using packet data
• Use packet data to generate reports, troubleshoot system and security issues, and ensure network functionality
• Using SmartView Monitor, configure alerts and traffic counters, view a Gateway’s status, monitor suspicious activity rules, analyze tunnel activity and monitor remote user access
• Monitor remote Gateways using SmartUpdate to evaluate the need for upgrades, new installations, and license modifications
• Use SmartUpdate to apply upgrade packages to single or multiple VPN-1 Gateways
• Upgrade and attach product licenses using SmartUpdate
• Centrally manage users to ensure only authenticated users securely access the corporate network either locally or remotely
• Manage users to access the corporate LAN by using external databases
• Use Identity Awareness to provide granular level access to network resources
• Acquire user information used by the Security Gateway to control access
• Define Access Roles for use in an Identity Awareness rule
• Implement Identity Awareness in the Firewall Rule Base
• Configure a pre-shared secret site-to-site VPN with partner sites
• Configure permanent tunnels for remote access to corporate resources
• Configure VPN tunnel sharing, given the difference between host-based, subunit-based and gateway-based tunnels

Participants

Technical persons who support, install, deploy or administer Check Point Software Blades should attend this course. This could include the following:

• System Administrators
• Support Analysts
• Security Managers
• Network Engineers
• Anyone seeking CCSA certification

Prerequisite(s)

Persons attending this course should have general knowledge of TCP/IP, and working knowledge of Windows, UNIX, network technology and the internet.

Programme

Chapter 1—Introduction to Check Point Technology
• Describe Check Point’s unified approach to network management and the key elements of this architecture
• Design a distributed environment using the network detailed in the course topology
• Install the Security Gateway version R75 in a distributed environment using the network detailed in the course topology

Chapter 2—Deployment Platforms

• Given network specifications, perform a backup and restore the current Gateway installation from the command line
• Identify critical files needed to purge or backup, import and export users and groups and add or delete administrators from the command line
• Deploy Gateways using sysconfig and cpconfig from the Gateway command line

Chapter 3—Introduction to the Security Policy
• Given the network topology, create and configure network, host and gateway objects
• Verify SIC establishment between the Security Management Server and the Gateway using SmartDashboard
• Create a basic Rule Base in SmartDashboard that includes permissions for administrative users, external services, and LAN outbound use
• Configure NAT rules on Web and Gateway servers
• Evaluate existing policies and optimize the rules based on current corporate requirements
• Maintain the Security Management Server with scheduled backups and policy versions to ensure seamless upgrades with minimal downtime

Chapter 4—Monitoring Traffic and Connections
• Use Queries in SmartView Tracker to monitor IPS and common network traffic and troubleshoot events using packet data
• Using packet data on a given corporate network, generate reports, troubleshoot system and security issues, and ensure network functionality
• Using SmartView Monitor, configure alerts and traffic counters, view a Gateway’s status, monitor suspicious activity rules, analyze tunnel activity and monitor remote user access based on corporate requirements

Chapter 5—Using SmartUpdate

• Monitor remote Gateways using SmartUpdate to evaluate the need for upgrades, new installations, and license modifications
• Use SmartUpdate to apply upgrade packages to single or multiple VPN-1 Gateways
• Upgrade and attach product licenses using SmartUpdate

Chapter 6—User Management and Authentication

• Centrally manage users to ensure only authenticated users securely access the corporate network either locally or remotely
• Manage users to access the corporate LAN by using external databases

Chapter 7—Identity Awareness
• Use Identity Awareness to provide granular level access to network resources
• Acquire user information used by the Security Gateway to control access
• Define Access Roles for use in an Identity Awareness rule
• Implement Identity Awareness in the Firewall Rule Base

Chapter 8—Introduction to Check Point VPNs
• Configure a pre-shared secret site-to-site VPN with partner sites
• Configure permanent tunnels for remote access to corporate resources
• Configure VPN tunnel sharing, given the difference between host-based, subunit-based and gateway-based tunnels

LAB EXERCISES INCLUDE
• Distributed Installations
• Branch Office Security Gateway Installations
• CLI Tools
• Building a Security Policy
• Configure the DMZ
• Configure NAT
• Monitor with SmartView Tracker
• Client Authentication
• Identity Awareness
• Site-to-Site VPN between corporate and branch office

Options

This course helps prepare for CCSA R75 exam # 156-215.75 available to purchase from training@arrowecs.co.uk.

The exam contains 90 multiple-choice, scenario-based questions. A passing score is 70% or higher in 120 minutes. The exam is based on 80% course materials and 20% hands-on experience with Check Point products. Students should have at least 6 months experience with Check Point products before challenging it.

Please note that exam vouchers are only for use within the United Kingdom.

© 2010 vPlanet - Arrow ECS. All rights reserved.