Check Point Certified Security Administrator and Expert R77 Bootcamp - Særpris!

Technical persons who support, install, deploy or administer Check Point Software Blades should attend this course. This could include the following:

• System Administrators
• Support Analysts
• Security Managers
• Network Engineers
• Anyone seeking CCSA certification

• Perform a backup of a Security Gateway and Management Server using your understanding of the differences between backups, snapshots and update-exports
• Upgrade and troubleshoot a Management Server using a database migration
• Upgrade and troubleshoot a clustered Security Gateway deployment
• Use knowledge of Security Gateway infrastructures, chain modules, packet flow and kernel tables to perform debugs on firewall processes
• Build, test and troubleshoot a ClusterXL Load Sharing deployment on an enterprise network
• Build, test and troubleshoot a ClusterXL High Availability deployment on an enterprise network
• Build, test and troubleshoot a management HA deployment on an enterprise network
• Configure, maintain and troubleshoot SecureXL and CoreXL acceleration solutions on the corporate network traffic to ensure noted performance enhancement
• Using an external user database such as LDAP, configure User Directory to incorporate user information for authentication services on the network
• Manage internal and external user access to resources for Remote Access or across a VPN
• Troubleshoot user access issues found when implementing Identity Awareness
• Troubleshoot a site-to-site or certificate-based VPN on a corporate gateway using IKE View, VPN log files and command-line debug tools
• Optimize VPN performance and availability by using Link Selection and Multiple Entry Point solutions
• Manage and test corporate VPN tunnels to allow for greater monitoring and scalability with multiple tunnels defined in a community including other VPN providers
• Create events or use existing event definitions to generate reports on specific network traffic using SmartReporter and SmartEvent to provide industry compliance information to management
• Troubleshoot report generation given command-line tools and debugfile information
• Describe Check Point’s unified approach to network management, and the key
  elements of it
• Design a distributed environment
• Install the Security Gateway in a distributed environment
• Perform a backup and restore the current Gateway installation from the command line
• Identify critical files needed to purge or backup, import and export users and groups and add or delete administrators from the command line
• Deploy Gateways using the Gaia web interface
• Create and configure network, host and gateway objects
• Verify SIC establishment between the Security Management Server and the Gateway using SmartDashboard
• Create a basic Rule Base in SmartDashboard that includes permissions for administrative users, external services, and LAN outbound use
• Configure NAT rules on Web and Gateway servers
• Evaluate existing policies and optimize the rules based on current corporate requirements
• Maintain the Security Management Server with scheduled backups and policy
  versions to ensure seamless upgrades with minimal downtime
• Use Queries in SmartView Tracker to monitor IPS and common network traffic
  and trouble¬shoot events using packet data
• Use packet data to generate reports, trouble¬shoot system and security issues, and ensure network functionality
• Using SmartView Monitor, configure alerts and traffic counters, view a Gateway’s status, monitor suspicious activity rules, analyze tunnel activity and monitor remote user access
• Monitor remote Gateways using SmartUpdate to evaluate the need for upgrades, new installations, and license modifications
• Use SmartUpdate to apply upgrade packages to single or multiple VPN-1 Gateways
• Upgrade and attach product licenses using SmartUpdate
• Centrally manage users to ensure only authenticated users securely access the corporate network either locally or remotely
• Manage users to access the corporate LAN by using external databases
• Use Identity Awareness to provide granular level access to network resources
• Acquire user information used by the Security Gateway to control access
• Define Access Roles for use in an Identity Awareness rule
• Implement Identity Awareness in the Firewall Rule Base
• Configure a pre-shared secret site-to-site VPN with partner sites
• Configure permanent tunnels for remote access to corporate resources
• Configure VPN tunnel sharing, given the difference between host-based,
  subunit-based and gateway-based tunnels

• Perform a backup of a Security Gateway and Management Server using your understanding of the differences between backups, snapshots and update-exports
• Upgrade and troubleshoot a Management Server using a database migration
• Upgrade and troubleshoot a clustered Security Gateway deployment
• Use knowledge of Security Gateway infrastructures, chain modules, packet flow and kernel tables to perform debugs on firewall processes
• Build, test and troubleshoot a ClusterXL Load Sharing deployment on an enterprise network
• Build, test and troubleshoot a ClusterXL High Availability deployment on an enterprise network
• Build, test and troubleshoot a management HA deployment on an enterprise network
• Configure, maintain and troubleshoot SecureXL and CoreXL acceleration solutions on the corporate network traffic to ensure noted performance enhancement
• Using an external user database such as LDAP, configure User Directory to incorporate user information for authentication services on the network
• Manage internal and external user access to resources for Remote Access or across a VPN
• Troubleshoot user access issues found when implementing Identity Awareness
• Troubleshoot a site-to-site or certificate-based VPN on a corporate gateway using IKE View, VPN log files and command-line debug tools
• Optimize VPN performance and availability by using Link Selection and Multiple Entry Point solutions
• Manage and test corporate VPN tunnels to allow for greater monitoring and scalability with multiple tunnels defined in a community including other VPN providers
• Create events or use existing event definitions to generate reports on specific network traffic using SmartReporter and SmartEvent to provide industry compliance information to management
• Troubleshoot report generation given command-line tools and debugfile information
  

Successful completion of this course depends on knowledge of multiple disciplines related to network-security activities including UNIX and Windows operating systems, Certificate management, system administration, networking (TCP/IP) knowledge, and Check Point Security Administration course/CCSA Certification. Persons attending this course should have general knowledge of TCP/IP, and working knowledge of Windows, UNIX, network technology and the internet.