Checkpoint Security Expert
The in-depth explanation of Check Point technology and knowledge of the abilities required to efficiently design, maintain, optimise, and defend your company network from aggressive cyber threats are provided by this advanced three-day security engineering course.
The R81.10 Check Point Security Systems are built, modified, deployed, and troubleshooted in an advanced three-day training using the GAiA operating system. Practical lab exercises show how to upgrade Management Servers, optimise VPN performance, and debug firewall operations.
Learn How To
- R81.1 Security Gateway and Management Server backups
- Create, evaluate, and resolve issues with a clustered Security Gateway
- Repair and upgrade a management server
- Set up and manage security augmentation tools
- Monitor, evaluate, and improve business VPN tunnels
Prerequisites
- Taking a security administration course or earning your CCSA (R80 or higher)
- Windows Server, UNIX, networking, and TCP/IP expertise
- System administration and certificate management
AUDIENCE Technical Professionals who architect, upgrade, maintain, and support Check Point products |
GOALS Learn advanced concepts and develop skills necessary to design, deploy, and upgrade Check Point Security environments. |
PREREQUISITES CCSA Training or Certification, fundamental Unix and Windows knowledge, certificate management experience, system administration and networking knowledge. |
OBJECTIVES
• Provide a summary of the upgrade service and the available options.
• Describe the management upgrade and migration processes.
• Using CPUSE features, describe the procedure.
• Clearly state Management High Availability’s goal and role.
• Describe synchronisation, active vs. standby, and primary vs. secondary.
• Outline the methods for disaster recovery in the event that the main administration server is down.
• Provide a brief summary of SmartConsole’s Central Deployment.
• Demonstrate knowledge of Security Gateway cluster upgrade techniques.
• Describe upgrades for Multi Version Clusters (MVC).
• Talk about Gaia Commands and how to use them.
• Describe the key operations on s and s.
• Explain how to configure automatic actions using SmartTasks and scripts.
Explain kernel activities and traffic flow. Describe Management Data Plane Separation (MDPS).
• Create updatable dynamic objects in security gateways.
• Describe the files and the process used for installing policies.
• Explain the history of how the policy was installed.
• Describe the simultaneous and expedited install policies.
• Outline the various APIs and how to utilise and authenticate them.
• Describe the various management configuration and GAIA change procedures.
• Describe the installation of policy via API.
CERTIFICATION\sINFORMATION CCSE
Exam #156-315.81 VUE.com/Checkpoint preparation
• Describe how the performance of the Security Gateway is improved and optimised by the SecureXL acceleration technology.
• Explain the enhancements and improvements made to the Security Gateway’s performance via CoreXL acceleration technology.
• Describe how using several traffic lines might improve traffic management effectiveness.
• Go about the fundamentals, deployment, and communities of site-to-site VPNs.
• Explain the methods for deciphering and analysing VPN tunnel traffic.
• Describe the choices for ISP Redundancy and Link Selection.
• Describe the features of tunnel management.
• Examine the variations among Check Point Remote Access systems.
• Explain the ways in which remote access can offer client security.
• Describe several types of authentication, such as machine authentication.
• Describe the Multiple Entry Point (MEP).
• Talk about how the Mobile Access Software Blade ensures data transfer and communication during remote connections.
• List possible methods for deploying Mobile Access.
• Talk about various mobile access features, such as reverse proxies, link translation, running native applications, and portals.
• Describe the fundamental ideas of ClusterXL and Clustering.
• Describe synchronisation and the Cluster Control Protocol (CCP).
• Explain sophisticated ClusterXL modes and functionalities such VMAC mode, Active-Active mode, and load sharing.
• Talk about the Cluster Correction Layer (CCL), which offers connection stickiness.
• Enhanced Monitoring and Logging
Objectives (contd.)
• Describe the steps to take in order to check whether the setup complies with best practises.
• Specify how to create action items to ensure compliance.
• Describe the ways in which Smart & Event works to find important security flaws.
EXERCISES
• Prepare for a Security Management Server Upgrade
• Upgrade the Security Management Server
• Deploy a Secondary Security Management Server
• Configure a Distributed Log Server
• Upgrade a Security Gateway from SmartConsole
• Work with the Command Line
• Use Scripts and SmartTasks
• Configure Dynamic Objects
• Monitor Traffic
• Verify Policy Installation and Status
• Work with Gaia and Management APIs
• Work with Acceleration Features
• Configure a Locally Managed Site to Site VPN
• Configure a Site to Site VPN with an Interoperable Device
• Configure Remote Access VPN
• Configure Mobile Access VPN
• Configure a High Availability Cluster
• Work with ClusterXL
• Configure Policy Compliance
• Deploy SmartEvent
• Describe the components of SmartEvent and their deployment
options.
• Discuss how SmartEvent can assist in reporting security threats.
• Explain how to customize event definitions and set an Event Policy.