A2513

Check Point Security Expert R70

The Check Point Security Expert course provides an understanding of advanced concepts and skills necessary to configure Check Point Security Gateway and Management Software Blades. During this course, you will process a Change Request, implement Provisioning, and configure SSL VPN remote access. In addition, you will deploy HA, and configure your network for advanced routing features such as VTIs, while employing the Eventia suite for advanced reporting and monitoring options.

Audience:

  • You are a systems administrator, security manager, or network engineer who deploys R70 Security Gateway deployments on open servers, IP appliances, UTM-1 appliances, or Power-1 appliances.
  • Want to earn Check Point Certified Security Expert (CCSE) R70 certification

You will learn:

  • Define Management Portal aides
  • Extend access to network policy settings
  • Use SmartWorkflow to track, approve and audit Security Policy changes
  • Assess policy life-cycle and change management
  • Use SmartProvisioning as a centralized management tool
  • Define SmartProvisioning deployment and management scenarios
  • Use profile-based management
  • Identify SSL VPN roles
  • Assess security acceleration requirements
  • Assess multi-core CPU with SecureXL benefits
  • Identify High Availability limitations
  • Set up multiple Security Gateway cluster configurations
  • Use Advanced Routing protocols
  • Apply Load Balancing configurations
  • Produce network-traffic audit reports
  • Apply intrusion event analysis
  • Monitor and analyze alerts to track and identify network intrusions

Exercises:

Lab Environment Setup

  • Build the Management Server
  • Build Gateways
  • Install and configure NTP
  • Upgrade to R70.1
  • Establish SIC

Management Portal

  • Configure Management Portal on corporate site
  • Test Management Portal access
  • Configure Management Portal access on partner site
  • Test Management Portal

SmartWorkflow

  • Create New Administrators
  • Configure SmartWorkflow
  • Open and Submit a Session for Approval
  • Disapprove the Session and Request a Modification
  • Approve the Session and Install the Policy
  • Disable SmartWorkflow

SmartProvisioning

  • Enable SmartProvisioning
  • Create New Profile
  • Assign Profile to Gateways
  • Verify Profile Changes

SSL VPN

  • Configure Connectra R66 Gateway
  • Enable Connectra Gateway in SmartDashboard
  • Create a file-share application in the SSL VPN tab
  • Create an Internal User
  • Assign file-share access to User Group
  • Update Rule Base for DMZ traffic
  • Verify file-share access through the User Portal
  • Configure embedded RDP
  • Shutdown and remove Connectra Server

SecureXL

  • Enable and Configure SecureXL on the Gateway
  • Open connections and verify acceleration

Deploying New Mode HA

  • Create and configure a secondary cluster member
  • Configure Gateway-Cluster object
  • Configure ClusterXL properties
  • Modify the Rule Base
  • Pass traffic through the cluster
  • Observe cluster status in SmartView Monitor
  • Perform test failovers

Load Sharing Modes

  • Configure Load Sharing Unicast mode
  • Test Load Sharing Unicast mode
  • Configure Load Sharing Multicast mode
  • Test Load Sharing Multicast mode

VPN with Sticky Decision Function

  • Configure VPN in a Cluster
  • View a packet capture of FTP connections without Sticky Decision function
  • View a packet capture of FTP connections with Sticky Decision function

Configure Check Point QoS Policy

  • Enable and Configure Check Point QoS
  • Create Check Point QoS Rules and adjust Rule weights
  • Verify and install Policy
  • Test QoS Policy

Route-based VPNs with Static Routes

  • Configure Gateway and VPN Community objects
  • Add participating Gateway to Community
  • Configure VTI's on participating Gateways
  • Add Static Routes for internal networks

Eventia Analyzer

  • Install the Eventia Suite on CG_Corporate
  • Configure the network object in SmartDashboard
  • Configure Eventia
  • Monitor events with Eventia

Fakta

Kurs
A2513
Längd
5 dagar
Pris
29.000 kr (exkl. moms)
Bookmark and Share

Förkunskaper

Check Point Security Administration R70, or equivalent knowledge and experience

Kursmaterial

Check Points officiella kursmaterial på engelska.

I samarbete med:

Kontakta oss
för mer information:

08 - 587 116 10 (Stockholm)
031 - 773 07 90 (Göteborg)
040-662 20 60 (Malmö)
info@informator.se

 
Gold Partner
Novell Partner