Skip Ribbon Commands
Skip to main content
Version HistoryVersion History

Course ID

CCSA

Title

Check Point Security Administration

Price

$3,000.00

Duration

3 Days

Audience

 

Level

 

Delivery Method

 

Software Assurance

 

Microsoft CPE

 

Course Audience

​This course is recommended for Systems Administrators, Support Analysts, Security Engineers, Network Engineers and any other IT professional seeking CCSA certification

Course Objectives

​Students who need to support, install, deploy or administer Check Point Software Blades, will learn the skills necessary to work with Check Point Security Administration featuring R77 GAiA:

  • Introduction to check point technology
  • Deployment platforms
  • Introduction to the security policy
  • Monitoring traffic and connections
  • Using SmartUpdate
  • User management and authentication
  • Identity awareness
  • Introduction to Check Point VPNs

Course Description

​Check Point Security Administration (R77 GAiA) provides you with an understanding of the basic concepts and skills necessary to configure Check Point Security Gateway and Management Software Blades. During this course, you will configure a Security Policy and learn about managing and monitoring a secure network, upgrading and configuring a Security Gateway, and implementing a virtual private network.

Course Prerequisites

​Prior to taking this course, it is recommended that learners possess the following: General knowledge of TCP/IP Working knowledge of Windows, UNIX, network technology, and the Internet

Course Outline

  1.  Describe Check Point's unified approach to network management and its key elements
  2.  Design a distributed environment
  3.  Install the Security Gateway in a distributed environment
  4.  Perform a backup and restore the current Gateway installation from the command line
  5.  Identify critical files needed to purge (or backup), import and export users and groups, and add (or delete) administrators from the command line
  6.  Deploy Gateways using the Gaia web interface
  7.  Create and configure network, host, and gateway objects 
  8.  Verify SIC establishment between the Security Management Server and the Gateway using SmartDashboard
  9.  Create a basicRule Base in SmartDashboard that includes permissions for administrative users, external services, and LAN outbound use
  10.  Configure NAT rules on Web and Gateway servers
  11.  Evaluate existing policies and optimize the rules based on corporate  requirements
  12.  Maintain the Security Management Server with scheduled backups and policy versions to ensure seamless upgrades with minimal downtime
  13.  Use Queries in SmartView Tracker to monitor IPS and common network traffic and troubleshoot events using packet data
  14.  Use packet data to generate reports, troubleshoot system and security issues, and ensure network functionality
  15.  Using SmartView Monitor, configure alerts and traffic counters, view a Gateway's status, monitor suspicious activity rules, analyze tunnel activity, and monitor remote user access
  16.  Monitor remote gateways using SmartUpdate to evaluate the need for upgrades, new installations, and license modifications
  17.  Use SmartUpdate to apply upgrade packages to single or multiple VPN-1Gateways
  18.  Upgrade and attach product licenses using SmartUpdate
  19.  Centrally manage users to ensure only authenticated users securely access the corporate network either locally or remotely
  20.  Manage users to access the corporate LAN by using external databases
  21.  Use Identity Awareness to provide granula- level access to network resources
  22.  Acquire user information used by the Security Gateway to control access
  23.  Define access roles for use in an Identity Awareness rule
  24.  Implement Identity Awareness in the Firewall Rule Base
  25.  Configure a pre-shared secret site-to-site VPN with partner sites
  26.  Configure permanent tunnels for remote access to corporate resources
  27.  Configure VPN tunnel sharing, given the difference between host-based, subunit-based, and gateway- based tunnels
   Hands On Labs 

Lab 1: Distributed Installations
Lab 2: Stand-alone Security Gateway Installations 
Lab 3: Common Tools
Lab 4: Building a Security Policy
Lab 5: Configure the DMZ
Lab 6: Configure NAT
Lab 7: Monitor with SmartView Tracker
Lab 8: Client Authentication
Lab 9: Identity Awareness
Lab 10: Site-to-Site VPN between corporate and branch office

Status

Active

Technology

Security

Category

IT Skills Training

SubCategory

 

Details

Check Point Security Administration (CCSA)

Attachments

Version: 5.0
Created at 5/19/2015 2:43 PM by Cole
Last modified at 2/16/2018 2:55 PM by Gaige Heiner