Check Point CCSA NGX R71 Course Overview

1,466
-1

Published on

Check Point CCSA NGX R71 Course Overview

Published in: Education, Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
1,466
On Slideshare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
0
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Check Point CCSA NGX R71 Course Overview

  1. 1. Check Point Security Administration NGX I Course Overview
  2. 2. <ul><li>Course Description </li></ul><ul><ul><li>Objectives </li></ul></ul><ul><ul><ul><li>Describe Check Point’s unified approach to network management, and the key elements of this architecture </li></ul></ul></ul><ul><ul><ul><li>Design a distributed environment using the network detailed in the course topology </li></ul></ul></ul><ul><ul><ul><li>Install the Security Gateway version R71 in a distribute environment using the network detailed in the course topology </li></ul></ul></ul><ul><ul><ul><li>Given Check Point’s latest integration of CoreXL technology, select the best security solution for your corporate environment </li></ul></ul></ul><ul><ul><ul><li>Given network specifications, perform a backup and restore the current Gateway installation from the command line </li></ul></ul></ul>Check Point Security Administration NGX R71 I
  3. 3. <ul><li>Course Description </li></ul><ul><ul><li>Objectives </li></ul></ul><ul><ul><ul><li>Identify critical files needed to purge or backup, import and export users and groups and add or delete administrators from the command line </li></ul></ul></ul><ul><ul><ul><li>Deploy Gateways using sysconfig and cpconfig from the Gateway command line </li></ul></ul></ul><ul><ul><ul><li>Use the Command Line to assist support in troubleshooting common problems on the Security Gateway </li></ul></ul></ul><ul><ul><ul><li>Given the network topology, create and configure network, host and gateway objects </li></ul></ul></ul><ul><ul><ul><li>Verify SIC establishment between the SmartCenter Server and the Gateway using SmartDashboard </li></ul></ul></ul><ul><ul><ul><li>Create a basic Rule Base in SmartDashboard that includes permissions for administrative users, external services, and LAN outbound use </li></ul></ul></ul>Check Point Security Administration NGX R71 I
  4. 4. <ul><li>Course Description </li></ul><ul><ul><li>Objectives </li></ul></ul><ul><ul><ul><li>Configure NAT rules on Web and Gateway servers </li></ul></ul></ul><ul><ul><ul><li>Evaluate existing policies and optimize the rules based on current corporate requirements </li></ul></ul></ul><ul><ul><ul><li>Maintain the Security Management Server with scheduled backups and policy versions to ensure seamless upgrades and minimal downtime </li></ul></ul></ul><ul><ul><ul><li>Use queries in SmartView Tracker to monitor IPS and common network traffic and troubleshoot events using packet data </li></ul></ul></ul><ul><ul><ul><li>Using packet data on a given corporate network, generate reports, troubleshoot system and security issues, and ensure network functionality </li></ul></ul></ul><ul><ul><ul><li>Using SmartView Monitor, configure alerts and traffic counters, view a Gateway's status, monitor suspicious activity rules, analyze tunnel activity and monitor remote user access based on corporate requirements </li></ul></ul></ul>Check Point Security Administration NGX R71 I
  5. 5. <ul><li>Course Description </li></ul><ul><ul><li>Objectives </li></ul></ul><ul><ul><ul><li>Monitor remote Gateways using SmartUpdate to evaluate the need for upgrades, new installations, and license modifications </li></ul></ul></ul><ul><ul><ul><li>Use SmartUpdate to apply upgrade packages to single or multiple VPN-1 Gateways </li></ul></ul></ul><ul><ul><ul><li>Upgrade and attach product licenses using SmartUpdate </li></ul></ul></ul><ul><ul><ul><li>Centrally manage users to ensure only authenticated users securely access the corporate network either locally or remotely </li></ul></ul></ul><ul><ul><ul><li>Manage users to access to the corporate LAN by using external databases </li></ul></ul></ul><ul><ul><ul><li>Select the most appropriate encryption algorithm when securing communication over a VPN, based on corporate requirements </li></ul></ul></ul>Check Point Security Administration NGX R71 I
  6. 6. <ul><li>Course Description </li></ul><ul><ul><li>Objectives </li></ul></ul><ul><ul><ul><li>Establish VPN connections to partner sites in order to establish access to a central database by configuring Advanced IKE properties </li></ul></ul></ul><ul><ul><ul><li>Configure a pre-shared secret site-to-site VPN with partner sites </li></ul></ul></ul><ul><ul><ul><li>Configure a certificate based site-to-site VPN using one partner's internal </li></ul></ul></ul><ul><ul><ul><li>Configure a certificate based site-to-site VPN using a third-party CA </li></ul></ul></ul><ul><ul><ul><li>Configure permanent tunnels for remote access to corporate resources </li></ul></ul></ul><ul><ul><ul><li>Configure VPN tunnel sharing, given the difference between host-based, subnet-based and gateway-based tunnels </li></ul></ul></ul>Check Point Security Administration NGX R71 I
  7. 7. <ul><li>Course Description </li></ul><ul><ul><li>Objectives </li></ul></ul><ul><ul><ul><li>Configure Check Point Messaging Security to test IP Reputation, content based anti-spam, and zero hour virus detection </li></ul></ul></ul><ul><ul><ul><li>Based on network analysis disclosing threats by specific sites, configure a Web-filtering and antivirus policy to filter and scan traffic </li></ul></ul></ul><ul><ul><ul><li>Implement default or customized profiles to designated Gateways in the corporate network </li></ul></ul></ul>Check Point Security Administration NGX R71 I
  8. 8. <ul><li>Course Layout </li></ul><ul><ul><li>Course Requirements </li></ul></ul><ul><ul><li>Prerequisites </li></ul></ul><ul><ul><li>Check Point Certified Security Administrator (CCSA) </li></ul></ul>Check Point Security Administration NGX R71 I
  9. 9. <ul><li>The course is geared towards </li></ul><ul><ul><li>System administators </li></ul></ul><ul><ul><li>Support analysts </li></ul></ul><ul><ul><li>Network engineers </li></ul></ul>Course Requirements
  10. 10. <ul><li>Each delegate should have : </li></ul><ul><ul><li>General knowledge of TCP/IP </li></ul></ul><ul><ul><li>Working knowledge of Windows and/or Unix </li></ul></ul><ul><ul><li>Working knowledge of network technology </li></ul></ul><ul><ul><li>Working knowledge of the Internet </li></ul></ul>Pre-requisites
  11. 11. <ul><li>Course Map </li></ul><ul><ul><li>Module 1: Check Point Technology Overview </li></ul></ul><ul><ul><li>Module 2: Deployment Platforms </li></ul></ul><ul><ul><li>Module 3: Introduction to the Security Policy </li></ul></ul><ul><ul><li>Module 4: Monitoring Traffic and Connections </li></ul></ul><ul><ul><li>Module 5: Using SmartUpdate </li></ul></ul><ul><ul><li>Module 6: Upgrading to R71 </li></ul></ul><ul><ul><li>Module 7: User Management and Authentication </li></ul></ul><ul><ul><li>Module 8: Encryption and VPNs </li></ul></ul><ul><ul><li>Module 9: Introduction to VPNs </li></ul></ul><ul><ul><li>Module 10: Messaging and Content Security </li></ul></ul>Course Map
  12. 12. <ul><li>Lab Setup </li></ul><ul><ul><li>Lab Topology </li></ul></ul><ul><ul><li>IP Addresses </li></ul></ul><ul><ul><li>Lab Terms </li></ul></ul><ul><ul><li>Lab Stations </li></ul></ul>Lab Setup
  13. 13. Lab Topology
  14. 14. NGX R71 Security Software Containers by Platform Software Blade Platform and Operating System Check Point Windows Linux Crossbeam Solaris Secure Platform IPSO 6.2 Diskbased IPSO 6.2 Flashbased Server 2003/ 2008 (SP1-2) 32bit RHEL 5.0 RHEL 5.4 kernel 2.6.18 32bit X-series UltraSPARC 8, 9, 10 Security Management X X X X X Security Gateway X X X X X Provider-1 MDS X X X
  15. 15. NGX R71 Security Gateway Software Blades by Platform Software Blade Platform and Operating System Check Point Windows Linux Crossbeam Solaris Secure Platform IPSO 6.2 Diskbased IPSO 6.2 Flashbased Server 2003/ 2008 (SP1-2) 32bit RHEL 5.0 RHEL 5.4 kernel 2.6.18 32bit X-series UltraSPARC 8, 9, 10 Firewall X X X X X IPSec VPN X X X X X IPS X X X X X SSL VPN X DLP X Anti-Virus & Anti-Malware X URL Filtering X Anti-Spam & Email Security X Web Security X X X X X Advanced Networking X Acceleration & Clustering (1) X X X X X
  16. 16. NGX R71 Security Management Software Blades by Platform Software Blade Platform and Operating System Check Point Windows Linux Crossbeam Solaris Secure Platform IPSO 6.2 Diskbased IPSO 6.2 Flashbased Server 2003/ 2008 (SP1-2) 32bit RHEL 5.0 RHEL 5.4 kernel 2.6.18 32bit X-series UltraSPARC 8, 9, 10 Network Policy Management X X X X X Endpoint Policy Management X X (2003 Only) Logging & Status X X X X X Monitoring X X X X X SmartProvisioning X X X X Management Portal (*) X X X X User Director X X X X X SmartWorkflow X X X X SmartEvent X X X SmartReporter X X X X
  17. 17. NGX R71 Minimum Requirement Security Management Server Component Windows Linux SecurePlatform on Open Server Solaris Processor Intel Pentium Processor E2140 or 2 GHz equivalent processor Intel Pentium Processor E2140 or 2 GHz equivalent processor Intel Pentium Processor E2140 or 2 GHz equivalent processor Sun UltraSPARC IV and higher Free Disk Space 1GB 1.5GB 10GB (installation includes OS 1GB Memory 1GB 1GB 1GB 512MB CD-ROM Drive Yes Yes Yes (Bootable) Yes Network Adapter One or more One or more One or more One or more
  18. 18. NGX R71 SmartConsole Hardware Requirements Component Windows Processor Intel Pentium Processor E2140 or 2 GHz equivalent processor Free Disk Space 500MB Memory 512MB CD-ROM Drive Yes Video Adapter Minimum resolution: 1024 x 76
  19. 19. End End of Course Overview

×