Duration: 3 Days
This advanced course teaches you how to effectively build, modify, deploy, and troubleshoot Check Point Security systems on the GAiA OS. You will learn about firewall processes, user and kernel processing, and Stateful Inspection. Labs include configuring security gateways, implementing VPNs, and performing advanced troubleshooting tasks on the firewall.
Certification:
This course helps prepare you for CCSE exam #156-315.13, which is available at VUE test centers www.vue.com/checkpoint. It contains 90 multiple-choice, scenario-based questions. A passing score is 70% or higher in 120 minutes. The exam is based on 80% course materials and 20% hands-on experience with Check Point products. Students must have a valid CCSA certification before challenging the CCSE exam.
What You Will Learn
- Check Point firewall technology
- Troubleshooting Check Point firewall technology
- Advanced upgrading concepts and practices
- Clustering firewall, management concepts, and practices
- Software acceleration features
- Advanced VPN concepts and implementations
- Reporting tools, deployment options, and features
Audience
- System administrators
- Support analysts
- Network engineers
- Anyone seeking CCSE certification
Prerequistes
- Knowledge of network security
- An understanding of UNIX and Windows operating systems, certificate management, system administration, networking (TCP/IP)
- A Check Point Security Administration course or CCSA certification
Course Outline
1. Perform a backup of a Security Gateway and Management Server using your understanding of the differences between backups, snapshots and update-exports
2. Upgrade and troubleshoot a Management Server using a database migration
3. Upgrade and troubleshoot a clustered Security Gateway deployment
4. Use knowledge of Security Gateway infrastructures, chain modules, packet flow and kernel tables to perform debugs on firewall processes
5. Build, test, and troubleshoot a ClusterXL Load Sharing deployment on an enterprise network
6. Build, test, and troubleshoot a ClusterXL High Availability deployment on an enterprise network
7. Build, test, and troubleshoot a management HA deployment on an enterprise network
8. Configure, maintain, and troubleshoot SecureXL and CoreXL acceleration solutions on the corporate network traffic to ensure noted performance enhancement
9. Using an external user database (such as LDAP), configure User Directory to incorporate user information for authentication services on the network
10. Manage internal and external user access to resources for remote access or across a VPN
11. Troubleshoot user access issues found when implementing Identity Awareness
12. Troubleshoot a site-to-site or certificate-based VPN on a corporate gateway using IKE View, VPN log files, and command-line debug tools
13. Optimize VPN performance and availability by using link selection and multiple entry point solutions
14. Manage and test corporate VPN tunnels to allow for greater monitoring and scalability with multiple tunnels defined in a community, including other VPN providers
15. Create events (or use existing event definitions) to generate reports on specific network traffic using SmartReporter and SmartEvent to provide industry-compliance information to management
16. Troubleshoot report generation given command-line tools and debug-file information
Course Labs
Lab 1: Upgrade to Check Point R76
Lab 2: Core CLI elements of firewall administration
Lab 3: Migrate to a clustering solution
Lab 4: Configure SmartDashboard to interface with Active Directory
Lab 5: Configure site-to-site VPNS with third-party certificates
Lab 6: Remote access with Endpoint Security VPN
Lab 7: SmartEvent and SmartReporter
