Introduction
The Check Point Certified Security Engineering course is an advanced 3-day course that teaches an understanding of upgrading and advanced configuration of Check Point software blades, installing and managing VPNs (on both internal and external networks), gaining the maximum security from Security Gateways, and resolving Gateway performance issues. Learn How To: – Backup your Security Gateway and Management Server – Build, test and troubleshoot a clustered Security Gateway – Upgrade and troubleshoot a Management Server – Configure and maintain security acceleration solutions – Manage, test and optimize corporate VPN tunnels. This course validates your understanding and skills necessary to configure and optimally manage Check Point Next Generation Firewalls.
Audience profile
This course is intended primarily for:
- System Administrators
- Support Analysts
- Security Managers
- Network Engineers
- Technical professionals who support, install deploy or administer advanced deployment configurations of Check Point Software Products
Pre-requisites
In addition to their professional experience, students who attend this training should already have the following technical knowledge:
- General Knowledge of TCP/IP
- Security Administration course or CCSA certification (R81 not R77)
- Working knowledge of Windows and/or UNIX, Network technology, the internet and TCP/IP
Course objectives
After completing this course, students will be able to:
- Provide an overview of the upgrade service and options available
- Explain how to perform management upgrade and migration
- Articulate the process using CPUSE features
- Articulate the purpose and function of Management High Availability
- Explain Primary vs Secondary, Active vs Standby and Synchronization
- Explain disaster recovery steps in case the primary management server becomes unavailable
- Provide overview of Central Deployment in SmartConsole
- Articulate an understanding of Security Gateway cluster upgrade methods
- Explain about Multi Version Cluster (MVC) upgrades
- Discuss Gaia Commands and how they are used
- Explain the main processes on s and s
- Describe how to work with scripts and SmartTasks to configure automatic actions
- Explain the Management Data Plane Separation (MDPS)
- Explain kernel operations and traffic flow
- Articulate Dynamic and Updatable Objects in Security Gateways
- Explain the policy installation flow and files used
- Describe the use of policy installation history
- Explain concurrent and accelerated install policy
- Describe an overview of APIs and ways to use and authenticate
- Explain how to make changes in GAIA and management configuration
- Explain how to install policy using API
- Explain how to determine if the configuration is compliant with the best practices
- Explain how to set action items to meet the compliance
- Discuss how SmartEvent functions to identify critical security issues
- Explain how the SecureXL acceleration technology enhances and optimizes Security Gateway performance
- Describe how the CoreXL acceleration technology enhances and
- Improves Security Gateway performance
- Articulate how utilizing multiple traffic queues can make traffic handling more efficient
- Discuss Site-to-Site VPN basics, deployment and communities
- Describe how to analyze and interpret VPN tunnel traffic
- Explain Link Selection and ISP Redundancy options
- Explain tunnel management features
- Discuss Check Point Remote Access solutions and how they differ from each other
- Describe how client security can be provided by Remote Access
- Explain authentication methods including machine authentication
- Explain Multiple Entry Point (MEP)
- Discuss the Mobile Access Software Blade and how it secures communication and data exchange during remote connections
- Describe Mobile Access deployment options
- Discuss various features in Mobile Access like Portals, Link
- Translation, running Native Applications, Reverse Proxy and more
- Explain basic concepts of Clustering and ClusterXL
- Explain about Cluster Control Protocol (CCP) and synchronization
- Describe advanced ClusterXL functions and modes like Load Sharing
- Active-Active, VMAC mode etc
- Discuss Cluster Correction Layer (CCL) to provide connection stickiness
- Advanced Logs and Monitoring
- Describe the components of SmartEvent and their deployment options
- Discuss how SmartEvent can assist in reporting security threats
- Explain how to customize event definitions and set an Event Policy
Course content
| Module 1: Management Upgrade and Migration |
| Module 2: Management High Availability |
| Module 3: Security Gateway Upgrade |
| Module 4: Advanced Check Point Maintenance |
| Module 5: Security Gateway Operations |
| Module 6: Policy Installation |
| Module 7: Gaia and Management APIs |
| Module 8: Acceleration |
| Module 9: Site-to-Site VPN |
| Module 10: Remote Access VPN |
| Module 11: Mobile Access VPN |
| Module 12: Clustering |
| Module 13: Advanced Logs and Monitoring |
| LABs: |
- Upgrading a Security Management Server to R80.20
|
|
- Applying Check Point Hotfixes
|
|
- Configuring a New Security Gateway Cluster
|
- Evaluating Threats with SmartEvent
|
- Core CLI Elements of Firewall Administration
|
|
- Configuring Manual Network Address Translation
|
- Understanding IPS Protections
|
- Enabling Check Point VRRP
|
- Deploying IPS Geo Protection
|
- Deploying a Secondary Security Management Server
|
- Reviewing Threat Prevention Settings and Protections
|
- Viewing the Chain Modules
|
- Deploying Threat Emulation and Threat Extraction
|
Associated Certifications & Exam
This course helps prepare for CCSE R81 #156-315.81.20 certification exam. Students must have a valid CCSA certification before challenging the CCSE exam.
Students should have at least 6 months to 1 year experience with Check Point products is recommended and must have passed the CCSA exam before challenging the exam.
A Check Point User Center or PartnerMAP account is required to receive benefits for Check Point certifications. The Check Point Account Services team will be able to verify student information.
The exam contains 90 multiple-choice questions to be completed in 90 minutes, exam covers the following topics:
- Check Point Technology Overview
- Deployment Platforms and Security Policies
- Monitoring Traffic and Connections
- Network Address Translations
- User Management and Authentication
- Using SmartUpdate
- Implementing Identity Awareness
- Configuring VPN tunnels
- Resolving security administration issues
On successful completion of this course students will receive a Torque IT attendance certificate.
