Advanced 3-day course teaches how to build, modify, deploy and troubleshoot Check Point Security Systems on the GAiA operating system..
Security Engineering (Check Point Certified Security Expert (CCSE) R77)
Advanced 3-day course teaches how to build, modify, deploy and troubleshoot Check Point Security Systems on the GAiA operating system. Hands-on lab exercises teach how to debug firewall processes, optimize VPN performance and upgrade Management Servers. See course description.
Course Objectives Learn How To:
- Backup your Security Gateway and Management Server
- Build, test and troubleshoot a clustered Security Gateway
- Upgrade and troubleshoot a Management Server
- Configure and maintain security acceletration solutions
- Manage, test and optimize corporate VPN tunnels
- Security Administration Course or CCSA certification (R70 or later)
- Windows Server, UNIX and networking skills and TCP/IP experience
- Certificate management and system adminstration.
How You Will Benefit:
- Build, test and troublehoot numerous deployment scenarios
- Apply insider tips troubleshooting Check Point Security Systems
- Manage user access to corporate LANs
- Migrate to a clustering security solution
- Create events for compliance reporting
- Manage internal and external access to corporate resources
Exam Information What You Need To Know:
- Check Point Technology Overview
- Deployment Platforms and Security Policies
- Monitoring Traffic and Connections
- Network Address Translations
- User Management and Authentication
- Using SmartUpdate
- Implementing Identity Awareness
- Configuring VPN tunnels
- Resolving security administration issues
- CCSA Certification R70 or later
- CCSA Certification R70 or later
- Check Point User Center account
- VUE Test Center account
- How You Will Benefit:
- CCSA’s rank higher than other security vendor professionals
- Validation you have the skills to implement the latest network security advancements
- Certified Professionals community, newsletter and special web access
What You Need To Know – If you have any CCSE certification, you can save time and maintain your certification with the CCSE Update exam! The CCSE Update only tests your knowledge on the latest product release. To prepare you should train or study the full CCSE course.
Chapter 1—Advanced Firewall
Using your knowledge of Security Gateway infrastructure including chain modules, packet flow and kernel tables, perform debugs on firewall processes.
Chapter 2—Advanced Upgrading
- Perform a backup of a Security Gateway and Management Server using your understanding of the differences between backups, snapshots, and upgrade-exports.
- Upgrade and troubleshoot a Management Server using a database migration.
- Upgrade and troubleshoot a clustered Security Gateway deployment.
Chapter 3—Advanced User Management
- Using an external user database such as LDAP, configure SmartDirectory to incorporate user information for authentication services on the network.
- Manage internal and external user access to resources for Remote Access or across a VPN.
- Troubleshoot user access issues found when implementing Identity Awareness.
Chapter 4—Advanced Clustering and Acceleration
- Build, test and troubleshoot a ClusterXL Load Sharing deployment on an enterprise network.
- Build, test and troubleshoot a ClusterXL High Availability deployment on an enterprise network.
- Build, test and troubleshoot a management HA deployment on an enterprise network.
- Configure, maintain and troubleshoot SecureXL and CoreXL acceleration solutions on the corporate network traffic to ensure noted performance enhancement on the firewall.
Chapter 5—Advanced IPsec VPN and Remote Access
- Using your knowledge of fundamental VPN tunnel concepts, troubleshoot a site-to-site or certificate-based VPN on a corporate gateway using IKEView, VPN log files and command-line debug tools.
- Optimize VPN performance and availability by using Link Selection and Multiple Entry Point solutions.
- Manage and test corporate VPN tunnels to allow for greater monitoring and scalability with multiple tunnels defined in a community including other VPN providers.
Chapter 6—SmartReporting and SmartEvent
- Create Events or use existing event definitions to generate reports on specific network traffic using SmartReporting and SmartEvent in order to provide industry compliance information to management.
- Using your knowledge of SmartEvent architecture and module communication, troubleshoot report generation given command-line tools and debug-file information.