Check Point Security Administrator R75 (CCSA R75)

3 days

Technical persons who support, install, deploy or administer Check Point Software Blades should attend this course. This could include the following: system administrators, system engineers, security managers and network engineers.

Persons attending this course should have a working knowledge of networking concepts, Windows Server and/or UNIX, and experience with TCP/IP and the Internet.

Check Point Security Administrator is a foundation course for Check Point’s Security Management and Gateway Systems. This 3-day course provides hands-on training to attain the skills necessary to configure R75 Check Point Software Blades including Firewall, IPSEC VPN, IPS, Network Policy Management, Logging & Status, and Monitoring, URL Filtering, Antivirus/Anti-malware, Anti-spam & Email Security. During this course, students will configure a Security Policy, secure communications across the Internet and defend against network threats.

COURSE TOPICS 

• Check Point Technology Overview

• Check Point Software Blades
• Deployment Platforms
• Introduction to Security Policy
• Monitor Traffic and Connections
• Use SmartUpdate
• Upgrade to R75
• User Management and Authentication
• Encryption and VPNs 
• Introduction to VPNs 
• Messaging and Content Security
• Check Point IPS 

LAB EXERCISES INCLUDE

• Install and configure a Security Management Server
• Configure a Security Gateway
• Launch SmartDashboard 
• Configure a Branch Gateway
• Create Rules for Corporate Gateway
• Create a DMZ Object 
• Observe NAT using fw monitor 
• Launch SmartView Tracker 
• Download HFA Package
• Create a VPN Community
• Test VPN Connection 
• Save a Certificate for Export
• Modify Rule Base
• Install and Verify Security Gateway Configuration
• Test Encryption with Certificates
• Create a Remote Access Group
• Configure Office Mode IP Pool
• Test Remote Connection
• Analyze Attacks
• Configure IPS to Block Attacks

€2150,00 (Excl. BTW, including trainingmaterial and lunches.)

Course objectives include

• Describe Check Point’s unified approach to network management, and the key elements of it
• Design a distributed environment
• Install the Security Gateway version R75 in a distributed environment
• Perform a backup and restore the current Gateway installation from the command line
• Identify critical files needed to purge or backup, import and export users and groups and add or delete administrators from the command line
• Deploy Gateways using sysconfig and cpconfig from the Gateway command line
• Create and configure network, host and gateway objects
• Verify SIC establishment between the Security Management Server and the Gateway using SmartDashboard
• Create a basic Rule Base in SmartDashboard that includes permissions for administrative users, external services, and LAN outbound use
• Configure NAT rules on Web and Gateway servers
• Evaluate existing policies and optimize the rules based on current corporate requirements
• Maintain the Security Management Server with scheduled backups and policy versions to ensure seamless upgrades with minimal downtime
• Use Queries in SmartView Tracker to monitor IPS and common network traffic and trouble­shoot events using packet data
• Use packet data to generate reports, trouble­shoot system and security issues, and ensure network functionality
• Using SmartView Monitor, configure alerts and traffic counters, view a Gateway’s status, monitor suspicious activity rules, analyze tunnel activity and monitor remote user access
• Monitor remote Gateways using SmartUpdate to evaluate the need for upgrades, new installations, and license modifications
• Use SmartUpdate to apply upgrade packages to single or multiple VPN-1 Gateways
• Upgrade and attach product licenses using SmartUpdate
• Centrally manage users to ensure only authenticated users securely access the corporate network either locally or remotely
• Manage users to access the corporate LAN by using external databases
• Use Identity Awareness to provide granular level access to network resources
• Acquire user information used by the Security Gateway to control access
• Define Access Roles for use in an Identity Awareness rule
• Implement Identity Awareness in the Firewall Rule Base
• Configure a pre-shared secret site-to-site VPN with partner sites
• Configure permanent tunnels for remote access to corporate resources
• Configure VPN tunnel sharing, given the difference between host-based, subunit-based and gateway-based tunnels
•  

Certification Information

This course helps prepare for CCSA R75 exam # 156-215.75 available at VUE test centers www.vue.com/checkpoint. It contains 90 multiple-choice, scenario-based questions. A passing score is 70% or higher in 120 minutes. The exam is based on 80% course materials and 20% hands-on experience with Check Point products. Students should have at least 6 months experience with Check Point products before challenging it.