CCSA

ccna-banner

COURSE TOPICS

  • Introduction to Check Point Technology
  • Deployment Platforms
  • Introduction to the Security Policy
  • Monitoring Traffic and Connections
  • Network Address Translation
  • Using Smart Update
  • User Management and Authentication
  • Identity Awareness
  • Introduction to Check Point VPNs

Describe Check Point's unified approach to network management, and the key elements of it

  • Design a distributed environment & Install the Security Gateway in a distributed environment
  • Perform a backup and restore the current Gateway installation from the command line
  • Identify critical files needed to purge or backup, import and export users and
  • groups and add or delete administrators from the command line
  • Deploy Gateways using the Gaia web Interface Create and configure network, host and gateway objects
  • Verify SIC establishment between the Security Management Server and the Gateway using Smart Dashboard
  • Create a basic Rule Base in Smart Dashboard that includes permissions for administrative users,
  • external services, and LAN outbound use
  • Configure NAT rules on Web and Gateway servers
  • Evaluate existing policies and optimize the rules based on current corporate requirements
  • Maintain the Security Management Server with scheduled backups and policy
  • versions to ensure seamless upgrades with minimal downtime
  • Using Smart View Monitor, configure alerts and traffic counters, view a Gateway's status,
  • monitor suspicious activity rules, analyze tunnel activity and monitor remote user access
  • Monitor remote Gateways using Smart Update to evaluate the need for upgrades, new
  • installations, and license modifications
  • Use Smart Update to apply upgrade packages to single or multiple VPN-1 Gateways
  • Upgrade and attach product licenses using Smart Update
  • Centrally manage users to ensure only authenticated users securely access the
  • corporate network either locally or remotely
  • Manage users to access the corporate LAN by using external databases
  • Use Identity Awareness to provide granular level access to network resources
  • Acquire user information used by the Security Gateway to control access
  • Define Access Roles for use in an Identity Awareness rule
  • Implement Identity Awareness in the Firewall Rule Base
  • Configure a pre-shared secret site-to-site VPN with partner sites
  • Configure permanent tunnels for remote access to corporate resources

LAB EXERCISES INCLUDE

  • Distributed Installations and SIC
  • Stand-alone Security Gateway Installations
  • Common Tools
  • Building a Security Policy
  • Configure the DMZ
  • Configure NAT
  • Monitor with Smart View Tracker
  • Client Authentication
  • Identity Awareness
  • Site-to-Site VPN between corporate and branch office