Check Point Security Administration Training (CCSA R77.30)

Check Point Security Administration Training (CCSA R77.30)


Check Point Security Administration (R77.30 GAiA) provides you with an understanding of the basic concepts and skills necessary to configure Check Point Security Gateway and Management Software Blades. During this course, you will configure a Security Policy and learn about managing and monitoring a secure network, upgrading and configuring a Security Gateway, and implementing a virtual private network.

Check Point Security Administration Training (CCSA R77.30)Related Courses:

Duration:3 days

Skills Gained:

Students who need to support, install, deploy or administer Check Point Software Blades, will learn the skills necessary to work with Check Point Security Administration featuring R77 GAiA:

• Introduction to check point technology
• Deployment platforms
• Introduction to the security policy
• Monitoring traffic and connections
• Using SmartUpdate
• User management and authentication
• Identity awareness
• Introduction to Check Point VPNs

Customize It:

With onsite Training, courses can be scheduled on a date that is convenient for you, and because they can be scheduled at your location, you don’t incur travel costs and students won’t be away from home. Onsite classes can also be tailored to meet your needs. You might shorten a 5-day class into a 3-day class, or combine portions of several related courses into a single course, or have the instructor vary the emphasis of topics depending on your staff’s and site’s requirements.

Course Content:

Course Outline

Describe Check Point's unified approach to network management and its key elements
Design a distributed environment
Install the Security Gateway in a distributed environment
Perform a backup and restore the current Gateway installation from the command line
Identify critical files needed to purge (or backup), import and export users and groups, and add (or delete) administrators from the command line
Deploy Gateways using the Gaia web interface
Create and configure network, host, and gateway objects
Verify SIC establishment between the Security Management Server and the Gateway using SmartDashboard
Create a basicRule Base in SmartDashboard that includes permissions for administrative users, external services, and LAN outbound use
Configure NAT rules on Web and Gateway servers
Evaluate existing policies and optimize the rules based on corporate requirements
Maintain the Security Management Server with scheduled backups and policy versions to ensure seamless upgrades with minimal downtime
Use Queries in SmartView Tracker to monitor IPS and common network traffic and troubleshoot events using packet data
Use packet data to generate reports, troubleshoot system and security issues, and ensure network functionality
Using SmartView Monitor, configure alerts and traffic counters, view a Gateway's status, monitor suspicious activity rules, analyze tunnel activity, and monitor remote user access
Monitor remote gateways using SmartUpdate to evaluate the need for upgrades, new installations, and license modifications
Use SmartUpdate to apply upgrade packages to single or multiple VPN-1Gateways
Upgrade and attach product licenses using SmartUpdate
Centrally manage users to ensure only authenticated users securely access the corporate network either locally or remotely
Manage users to access the corporate LAN by using external databases
Use Identity Awareness to provide granula- level access to network resources
Acquire user information used by the Security Gateway to control access
Define access roles for use in an Identity Awareness rule
Implement Identity Awareness in the Firewall Rule Base
Configure a pre-shared secret site-to-site VPN with partner sites
Configure permanent tunnels for remote access to corporate resources
Configure VPN tunnel sharing, given the difference between host-based, subunit-based, and gateway- based tunnels

Hands On Labs

Lab 1: Distributed Installations
Lab 2: Stand-alone Security Gateway Installations
Lab 3: Common Tools
Lab 4: Building a Security Policy Lab 5: Configure the DMZ
Lab 6: Configure NAT
Lab 7: Monitor with SmartView Tracker Lab 8: Client Authentication
Lab 9: Identity Awareness
Lab 10: Site-to-Site VPN between corporate and branch office
Request More Information

    Time Frame: 0-3 Months4-12 Months

    Print Friendly, PDF & Email