Check Point Certified Security Expert (CCSE) R81

CP_Elite

Course Overview

Check Point Certified Security Expert is an advanced course that teaches how to effectively build, modify, deploy and troubleshoot Check Point Security systems on the Gaia OS. We will study firewall processes and take a close look at user and kernel processing and Stateful Inspection. Labs include configuring security gateways, implementing VPNs, and preforming advanced troubleshooting tasks on the firewall. 

With Cadre's enhanced course, the participants will receive 24/7 access to the labs for 6 months. The instructor will also provide additional study guide materials and lecture that are important to know for real-world use of the features covered in the class. Additional lecture to assist in passing the Check Point exam is also included. 

If you choose to take the class Live on-line, Cadre provides a fully modern remote classroom experience with a state-of-the-art high resolution digital whiteboard. The whiteboard is excellent for complex network diagrams. 

Duration:  3 Days 

Prerequisites: Check Point Security Administration training, strong networking knowledge of Windows and/or UNIX operating systems and experience with TCP/IP and the internet. 

Price: $2,995 (Group discounts available)

CHECK AVAILABILITY

 

Who Should Attend

Technical persons who need to perform advanced deployment configurations of software blades. This could include the following: 

  • System Administrators
  • Network Engineers
  • Support Analysts
  • Systems Engineers
  • Professionals who want to earn Check Point Certified Security Engineer (CCSE) R81 certification, exam # 156-315.81.

Course Topics:

  • Management Upgrade and Migration
  • Remote access VPN
  • Management High Availability
  • Policy Installation
  • Mobile Access VPN
  • Gaia and Management APIs
  • Clustering
  • Acceleration
  • Advance Check Point Maintenance
  • Site-to-Site VPN
  • Advance Logs and Monitoring

Course Objectives:

  • Provide an overview of the upgrade service and options available
  • Explain how to perform management upgrade and migration
  • Articulate the process using CPUSE features
  • Articulate the purpose and function of Management High Availability
  • Explain Primary vs. Secondary, Active vs Standby and Synchronization
  • Explain disaster recovery steps in case the primary management server becomes unavailable
  • Provide overview of Central Deployment in SmartConsole
  • Articulate an understanding of Security Gateway cluster upgrade methods
  • Explain about Multi Version Cluster (MVC) upgrades
  • Discuss Gaia commands and how they are used 
  • Explain the main processes on s and s
  • Describe how to work with scripts and SmartTasks to configure automatic actions
  • Explain the Management Data Plane Separation (MDPS)
  • Explain kernel operations and traffic flow
  • Articulate dynamic and Updatable Objects in Security Gateways
  • Explain the policy installation flow and files used
  • Describe the use of policy installation history
  • Explain how to make changes in GAIA and management configuration
  • Explain how to install policy using API
  • Explain how the SecureXL acceleration technology enhances and optimizes and improves Security Gateway performance
  • Describe how the CoreXL acceleration technology enhances and improves Security Gateway performance
  • Articulate how utilizing multiple traffic queues can make traffic handling more efficient
  • Discuss Site-to-Site VPN basics, deployment, and communities
  • Discuss how to analyze and interpret VPN tunnel traffic
  • Explain Link Selection and ISP Redundancy options
  • Explain tunnel management features
  • Discuss Check Point Remote Access solutions and how they differ from each other
  • Describe how client security can be provided by Remote Access
  • Explain authentication methods including machine authentication
  • Explain Multiple Entry Point (MEP)
  • Discuss the Mobile Access Software Blade and how it secures communication and data exchange during remote connections
  • Describe Mobile Access deployment options
  • Discuss various features in Mobile Access like Portals, Link Translation, running Native Applications, Reverse Proxy and more
  • Explain basic concepts of Clustering and ClusterXL
  • Explain about Cluster Control Protocol (CCP) and synchronization
  • Describe advanced ClusterXL functions and modes like Load Sharing, Active-Active, VMAC mode etc.
  • Discuss Cluster Correction Layer (CCL) to provide connection stickiness
  • Advanced Logs and Monitoring
  • Explain how to determine if the configuration is compliant with the best practices
  • Explain how to set action items to meet the compliance
  • Discuss how SmartEvent functions to identify critical security issues
  • Describe the components of SmartEvent and their deployment options
  • Discuss how SmartEvent can assist in reporting security threats
  • Explain how to customize event definitions and set an Event Policy

Lab Exercises Include:

  • Prepare for a Security Management Server Upgrade
  • Upgrade the Security Management Server
  • Deploy a Secondary Security Management Server
  • Configure a Distributed Log Server
  • Upgrade a Security Gateway from SmartConsole
  • Work with the Command Line
  • Use Scripts and SmartTasks
  • Configure Dynamic Objects
  • Monitor Traffic
  • Verify Policy Installation and Status
  • Work with Gaia and Management APIs
  • Work with Acceleration Features
  • Configure a Locally Managed Site to Site VPN
  • Configure a Site to Site VPN with an Interoperable Device
  • Configure Mobile and Remote Access VPN
  • Work with ClusterXL
  • Configure Policy Compliance
  • Deploy SmartEvent

CHECK AVAILABILITY