Check Point Certified Security Administration (CCSA) R80.x

Print Friendly, PDF & Email

Em pré-inscrição. Entre em contacto para obter mais informações.

Nível Avançado | 21 horas | Laboral: 3 dias | Pós-Laboral: 6 dias

Oferta do Exame de Certificação.

Apresentação

This course covers everything you need to start-up, configure and manage daily operations of Check Point Security Gateway and Management Software Blades systems on the GAiA operating system.

How You Will Benefit

  • Be prepared to defend against network threats
  • Evaluate existing security policies and optimize the rule base
  • Manage user access to corporate LANs
  • Monitor suspicious network activities and analyze attacks
  • Troubleshoot network connections
  • Implement Check Point backup techniques

Destinatários

Technical persons who support, install, deploy, or administer Check Point Software Blades should attend this course. This could include the following:

  • System administrators
  • Support analysts
  • Security managers
  • Network engineers
  • Anyone seeking CCSA certification

Objetivos

Learn How To:

  • Install the security gateway in a distributed environment
  • Configure rules on Web and Gateway servers
  • Create a basic rule base in SmartDashboard and assign permissions
  • Schedule backups and seamless upgrades with minimal downtime
  • Monitor and troubleshoot IPS and common network traffic

Pré-requesitos

  • General knowledge of TCP/IP
  • Working knowledge of Windows, UNIX, network technology, and the Internet

Programa

  • Install R80.10 management and a security gateway in a distributed environment
  • Configure objects, rules, and settings to define a security policy
  • Work with multiple concurrent administrators and define permission profiles
  • Configure a Virtual Private Network and work with Check Point clustering
  • Perform periodic administrator tasks as specified in administrator job descriptions
  • Check Point’s unified approach to network management and its key elements
  • Design a distributed environment
  • Install the Security Gateway in a distributed environment
  • Perform a backup and restore the current Gateway installation from the command line
  • Identify critical files needed to purge or backup, import and export users and groups, and add or delete administrators from the command line
  • Deploy Gateways using the GAiA web interface
  • Create and configure network, host, and gateway objects
  • Verify SIC establishment between the Security Management Server and the Gateway using SmartDashboard
  • Create a basic Rule Base in SmartDashboard that includes permissions for administrative users, external services, and LAN outbound use
  • Configure NAT rules on Web and Gateway servers
  • Evaluate existing policies and optimize the rules based on current corporate requirements
  • Maintain the Security Management Server with scheduled backups and policy versions to ensure seamless upgrades with minimal downtime
  • Use Queries in SmartView Tracker to monitor IPS and common network traffic and trouble-shoot events using packet data
  • Use packet data to generate reports, trouble-shoot system and security issues, and ensure network functionality
  • Using SmartView Monitor, configure alerts and traffic counters, view a Gateway’s sta-tus, monitor suspicious activity rules, analyze tunnel activity and monitor remote user access
  • Monitor remote Gateways using SmartUpdate to evaluate the need for upgrades, new installations, and license modifications
  • Use SmartUpdate to apply upgrade packages to single or multiple VPN-1 Gateways
  • Upgrade and attach product licenses using SmartUpdate
  • Centrally manage users to ensure only authenticated users securely access the corporate network either locally or remotely
  • Manage users to access the corporate LAN by using external databases
  • Use Identity Awareness to provide granular level access to network resources
  • Acquire user information used by the Security Gateway to control access
  • Define Access Roles for use in an Identity Awareness rule
  • Implement Identity Awareness in the Firewall Rule Base
  • Configure a pre-shared secret site-to-site VPN with partner sites
  • Configure permanent tunnels for remote access to corporate resources
  • Configure VPN tunnel sharing, given the difference between host-based, subunit-based and gateway-based tunnels

Pedido de Informação