Professional Services Product Solutions Training & Certification Technology Partners Technical Support About Us
Security Certification
Security Certification
Blue Coat

Check Point


 


Check Point Security Administrator R75 Course (CCSA R75)

Price: $2,395

Schedule:  View by City,   View by Class,   View by Date

Course Overview: 

Check Point Security Administrator provides an understanding of the basic concepts and skills necessary to configure Check Point Security Gateway and Management Software Blades. During this course you will configure a Security Policy and learn about managing and monitoring a secure network. In addition, you will upgrade and configure a Security Gateway to implement a virtual private network for both internal and external, remote users. This course prepares the participants for the CCSA R75 certification exam #156-215.75.

Course Duration:  Three Day Course


Who Should Attend:

  • Post-sale Support Technicians
  • Understanding of Windows and/or UNIX operating systems
  • Basic networking knowledge
  • Experience with TCP/IP and the Internet

 

Course Objectives:

  • Describe Check Point’s unified approach to network management, and the key elements of it
  • Design a distributed environment
  • Install the Security Gateway version R75 in a distributed environment
  • Perform a backup and restore the current Gateway installation from the command line
  • Identify critical files needed to purge or backup, import and export users and groups and add or delete administrators from the command line
  • Deploy Gateways using sysconfig and cpconfig from the Gateway command line
  • Create and configure network, host and gateway objects
  • Verify SIC establishment between the Security Management Server and the Gateway using SmartDashboard
  • Create a basic Rule Base in SmartDashboard that includes permissions for administrative users, external services, and LAN outbound use
  • Configure NAT rules on Web and Gateway servers
  • Evaluate existing policies and optimize the rules based on current corporate requirements
  • Maintain the Security Management Server with scheduled backups and policy versions to ensure seamless upgrades with minimal downtime
  • Use Queries in SmartView Tracker to monitor IPS and common network traffic and troubleshoot events using packet data
  • Use packet data to generate reports, troubleshoot system and security issues, and ensure network functionality
  • Using SmartView Monitor, configure alerts and traffic counters, view a Gateway’s status, monitor suspicious activity rules, analyze tunnel activity and monitor remote user access
  • Monitor remote Gateways using SmartUpdate to evaluate the need for upgrades, new installations, and license modifications
  • Use SmartUpdate to apply upgrade packages to single or multiple VPN-1 Gateways
  • Upgrade and attach product licenses using SmartUpdate
  • Centrally manage users to ensure only authenticated users securely access the corporate network either locally or remotely
  • Manage users to access the corporate LAN by using external databases
  • Use Identity Awareness to provide granular level access to network resources
  • Acquire user information used by the Security Gateway to control access
  • Define Access Roles for use in an Identity Awareness rule
  • Implement Identity Awareness in the Firewall Rule Base
  • Configure a pre-shared secret site-to-site VPN with partner sites
  • Configure permanent tunnels for remote access to corporate resources
  • Configure VPN tunnel sharing, given the difference between host-based, subunit-based and gateway-based tunnels

 

Course Agenda:

Chapter 1—Introduction to Check Point Technology

  • Describe Check Point’s unified approach to network management and the key elements of this architecture
  • Design a distributed environment using the network detailed in the course topology
  • Install the Security Gateway version R75 in a distributed environment using the network detailed in the course topology

Chapter 2—Deployment Platforms

  • Given network specifications, perform a backup and restore the current Gateway installation from the command line
  • Identify critical files needed to purge or backup, import and export users and groups and add or delete administrators from the command line
  • Deploy Gateways using sysconfig and cpconfig from the Gateway command line

Chapter 3—Introduction to the Security Policy

  • Given the network topology, create and configure network, host and gateway objects
  • Verify SIC establishment between the Security Management Server and the Gateway using SmartDashboard
  • Create a basic Rule Base in SmartDashboard that includes permissions for administrative users, external services, and LAN outbound use
  • Configure NAT rules on Web and Gateway servers
  • Evaluate existing policies and optimize the rules based on current corporate requirements
  • Maintain the Security Management Server with scheduled backups and policy versions to ensure seamless upgrades with minimal downtime

Chapter 4—Monitoring Traffic and Connections

  • Use Queries in SmartView Tracker to monitor IPS and common network traffic and troubleshoot events using packet data
  • Using packet data on a given corporate network, generate reports, troubleshoot system and security issues, and ensure network functionality
  • Using SmartView Monitor, configure alerts and traffic counters, view a Gateway’s status, monitor suspicious activity rules, analyze tunnel activity and monitor remote user access based on corporate requirements

Chapter 5—Using SmartUpdate

  • Monitor remote Gateways using SmartUpdate to evaluate the need for upgrades, new installations, and license modifications
  • Use SmartUpdate to apply upgrade packages to single or multiple VPN-1 Gateways
  • Upgrade and attach product licenses using SmartUpdate

Chapter 6—User Management and Authentication

  • Centrally manage users to ensure only authenticated users securely access the corporate network either locally or remotely
  • Manage users to access the corporate LAN by using external databases

Chapter 7—Identity Awareness

  • Use Identity Awareness to provide granular level access to network resources
  • Acquire user information used by the Security Gateway to control access
  • Define Access Roles for use in an Identity Awareness rule
  • Implement Identity Awareness in the Firewall Rule Base

Chapter 8—Introduction to Check Point VPNs

  • Configure a pre-shared secret site-to-site VPN with partner sites
  • Configure permanent tunnels for remote access to corporate resources
  • Configure VPN tunnel sharing, given the difference between host-based, subunit-based and gateway-based tunnels
    Lab Exercises Include:
    • Distributed Installations
    • Branch Office Security Gateway Installations
    • CLI Tools
    • Building a Security Policy
    • Configure the DMZ
    • Configure NAT
    • Monitor with SmartView Tracker
    • Client Authentication
    • Identity Awareness
    • Site-to-Site VPN between corporate and branch office
     
     
    © 2010 Cadre Information Security. All rights reserved. | Site Map | Contact Us | Legal | Privacy Policy