Course Topics Describe firewall architecture, design and comparison Licensing, installation and configuration of Check Point NGX

R70/71 Software Bal des Description of the security policy and its objects Interface and dashboard navigation Rule/ policy creation and management Understand Application Intelligence and IPS-1 technologies Enable IPS-1 global protection mechanisms Demonstrate the process for creating users and groups, including authentication methods Configuring User Authority and authentication mechanisms Implementation, configuration and management of NAT Configuring static and hide NAT Encryption and security VPN quick configuration and management Configuring the Firewall Blade to protect internal networks from common network attacks Implement directory integration Backup and restore of critical files Database revision control Implementing and enforcing Quaility Of Service Detect and block intrusions using Smart Tracker Troubleshooting and management of the check point Software Blade installations //////////////////////////// Check Point: Security Administrator R75Course Code: CPCCSA75 Days: 3

Online TrainingTime stretched? If you would prefer something more flexible, we can now offer Online Training re lated to this topic. Click to see a list of courses Course Overview Check Point Security Administrator is a foundation course for Check Point's Secu rity Management and Gateway Systems. This 3-day course provides hands-on training to attain the skills necessary to c onfigure R75 Check Point Software Blades including Firewall, IPSEC VPN, IPS, Net work Policy Management, Logging & Status, and Monitoring, URL Filtering, Antivir us/Anti-malware, Anti-spam & Email Security. During this course, students will c onfigure a Security Policy, secure communications across the Internet and defend against network threats. Delegates that attend a Check Point training course are twice as motivated than those that don't? Related Courses Check Point Security Expert for R75 (CCSE) Check Point Security Administrator R75 CCSA and Expert R75 CCSE Bootcamp Audience Technical persons who support, install, deploy or administer Check Point Softwar e Blades should attend this course. This could include the following: system adm inistrators, system engineers, security managers and network engineers. Prerequisites Persons attending this course should have a working knowledge of networking conc epts, Windows Server and/or UNIX, and experience with TCP/IP and the Internet.

Course Outline Check Point Technology Overview Check Point Software Blades Deployment Platforms Introduction to Security Policy Monitor Traffic and Connections Use SmartUpdate Upgrade to R75 User Management and Authentication Encryption and VPNs Introduction to VPNs Messaging and Content Security Check Point IPS LAB EXERCISES INCLUDE: Install and configure a Security Management Server Configure a Security Gateway Launch SmartDashboard Configure a Branch Gateway Create Rules for Corporate Gateway Create a DMZ Object Observe NAT using fw monitor Launch SmartView Tracker Download HFA Package Create a VPN Community Test VPN Connection Save a Certificate for Export Modify Rule Base Install and Verify Security Gateway Configuration Test Encryption with Certificates Create a Remote Access Group Configure Office Mode IP Pool Test Remote Connection Analyze Attacks Configure IPS to Block Attacks //////////////////////////// Check Point Security Expert for R75 (CCSE)Course Code: CP-CCSER75 ying - Check dates Days: Var

Online TrainingTime stretched? If you would prefer something more flexible, we can now offer Online Training re lated to this topic. Click to see a list of courses Course Overview Check Point Security Expert is a three-day instructor-led hands-on course, deliv ering the advanced concepts and skills to optimise the R75 Check Point Software Blade architecture. This course is designed to help maximise the performance of your Check Point security deployment with real-world scenarios including Identit y Awareness, Clustering and Advanced VPN Concepts & Implementations. During the~ course you will set up multiple security gateway clusters, analyse network intru sion alerts and generate advanced network traffic reports. CourseMonster are unbiased and "vendor neutral" which means that we can find the right course for you or your company by looking at our entire database of Check Point training providers.

Related Courses Check Point: Security Administrator R75 Check Point Security Administrator R75 CCSA and Expert R75 CCSE Bootcamp Audience Technical persons who support, install, deploy or administer Check Point Softwar e Blades should attend this course. This could include the following: Systems Administrators, System Engineers, Security Managers and Network Managers Technical support personnel Channel Partners who want channel program benefits Check Point Certified Security Administrators (CCSA) who want to achieve advance d certification Skills Gained Delegates attending this course will learn how to: Use their knowledge of Security Gateway infrastructure including chain modules, packet flow and kernel tables to describe how to perform debugs on firewall proc esses. Perform a backup of a Security Gateway and Management Server. Upgrade and troubleshoot a Management Server. Upgrade and troubleshoot a clustered Security Gateway deployment. Configure SmartDirectory to incorporate user information for authentication serv ices on the network. Manage internal and external user access to resources for Remote Access or acros s a VPN. Troubleshoot user access issues found when implementing Identity Awareness. Build, test and troubleshoot a ClusterXL Load Sharing and High Availability depl oyments on an enterprise network. Troubleshoot a Site-to-Site or Certificate Based VPN on a corporate gateway. Optimise VPN performance and availability. Manage and Test corporate VPN Tunnels. Use SmartReporting and SmartEvent to provide industry compliant information to m anagement. Prerequisites Persons attending this course should have Check Point Security Administrator tra ining or certification and a working knowledge of networking concepts, Windows S erver and/or UNIX, and experience with TCP/IP and the Internet. Course Outline Advanced Firewall Advanced Upgrading Advanced User Management Advanced Clustering and Acceleration Advanced IPsec VPN and Remote Access Auditing and Reporting User Mode Debug Lab Exercises Upgrading to Check Point R75 Migrating to a Clustering Solution Configuring SmartDashboard to interface with Active Directory Configuring Site-to-Site VPNs with Third Party Certificates Remote Access with Endpoint Security VPN Generating reports using SmartEvent and SmartReporter /////////////////////////////// Check Point Security Administrator R75 CCSA and Expert R75 CCSE BootcampCourse C

ode: CPR75BOOTCAMP

Days: 5

Online TrainingTime stretched? If you would prefer something more flexible, we can now offer Online Training re lated to this topic. Click to see a list of courses Course Overview This boot camp course covers ALL the contents of the Check Point CCSA R75 and CC SE R75 courses. The course starts off with discussion on basic concepts and skills necessary to optimise Check Point Security Gateway and Management Software Blades. During thi s course you will optimise a Security Policy and learn about managing, tracking and monitoring a secure network. In addition, you will upgrade checkpoint as wel l as optimise site-to-site VPNs and Remote access VPNs. During the second half of the course we will be discussing the advanced concepts and skills to optimise the R75 Check Point Software Blade architecture. This co urse is designed to help maximise the performance of your Check Point security d eployment with real-world scenarios including Identity Awareness, Clustering, Ad vanced VPN Concepts and VPN debugging. During the course you will set up multipl e security gateway clusters, analyse network intrusion alerts and generate advan ced network traffic reports. On completion of the Check Point training course, Check Point users will be well equipped to use R75 Related Courses Check Point Security Expert for R75 (CCSE) Check Point: Security Administrator R75 Audience Technical persons who support, install, deploy or administer Check Point Softwar e Blades should attend this course. This could include the following: Systems Administrators, System Engineers, Security Managers and Network Managers Technical support personnel Channel Partners who want channel program benefits Anyone seeking CCSA certification Check Point Certified Security Administrators (CCSA) who want to achieve advance d certification (CCSE) Skills Gained Objectives Describe Check Point's unified approach to network management, and the key eleme nts of it Design a distributed environment Install the Security Gateway version R75 in a distributed environment Perform a backup and restore the current Gateway installation from the command l ine Identify critical files needed to purge or backup, import and export users and g roups and add or delete administrators from the command line Deploy Gateways using sysconfig and cpconfig from the Gateway command line Create and configure network, host and gateway objects Verify SIC establishment between the Security Management Server and the Gateway using SmartDashboard Create a basic Rule Base in SmartDashboard that includes permissions for adminis trative users, external services, and LAN outbound use Configure NAT rules on Web and Gateway servers Evaluate existing policies and optimize the rules based on current corporate req

uirements Maintain the Security Management Server with scheduled backups and policy versio ns to ensure seamless upgrades with minimal downtime Use Queries in SmartView Tracker to monitor IPS and common network traffic and t roubleshoot events using packet data Use packet data to generate reports, troubleshoot system and security issues, an d ensure network functionality Using SmartView Monitor, configure alerts and traffic counters, view a Gateway's status, monitor suspicious activity rules, analyze tunnel activity and monitor remote user access Monitor remote Gateways using SmartUpdate to evaluate the need for upgrades, new installations, and license modifications Use SmartUpdate to apply upgrade packages to single or multiple VPN-1 Gateways Upgrade and attach product licenses using SmartUpdate Centrally manage users to ensure only authenticated users securely access the co rporate network either locally or remotely Manage users to access the corporate LAN by using external databases Use Identity Awareness to provide granular level access to network resources Acquire user information used by the Security Gateway to control access Define Access Roles for use in an Identity Awareness rule Implement Identity Awareness in the Firewall Rule Base Configure a pre-shared secret site-to-site VPN with partner sites Configure permanent tunnels for remote access to corporate resources Configure VPN tunnel sharing, given the difference between host-based, subunit-b ased and gateway-based tunnels Use their knowledge of Security Gateway infrastructure including chain modules, packet flow and kernel tables to describe how to perform debugs on firewall proc esses. Perform a backup of a Security Gateway and Management Server. Upgrade and troubleshoot a Management Server. Upgrade and troubleshoot a clustered Security Gateway deployment. Configure SmartDirectory to incorporate user information for authentication serv ices on the network. Manage internal and external user access to resources for Remote Access or acros s a VPN. Troubleshoot user access issues found when implementing Identity Awareness. Build, test and troubleshoot a ClusterXL Load Sharing and High Availability depl oyments on an enterprise network. Troubleshoot a Site-to-Site or Certificate Based VPN on a corporate gateway. Optimise VPN performance and availability. Manage and Test corporate VPN Tunnels. Use SmartReporting and SmartEvent to provide industry compliant information to m anagement. Prerequisites Delegates need to have attended Check Point training on CCSE R60 or later versio ns. If delegates do not meet this requirement but feel they have the relevant ex perience and technical knowledge then we will need the trainer to speak with the delegate before confirming a booking. Course Outline Course Topics: Introduction to Check Point Technology Deployment Platforms Introduction to the Security Policy Monitoring Traffic and Connections Using SmartUpdate User Management and Authentication Advanced User Management Identity Awareness Introduction to Check Point VPNs

Advanced IPsec VPN, Remote Access VPN and troubleshooting Advanced Firewall concepts Advanced Upgrading Advanced Clustering and Acceleration Auditing and Reporting Options Introduction to Check Point Technology Describe Check Point's unified approach to network management and the key elemen ts of this architecture Design a distributed environment using the network detailed in the course topolo gy Install the Security Gateway version R75 in a distributed environment using the network detailed in the course topology Deployment Platforms Given network specifications, perform a backup and restore the current Gateway i nstallation from the command line Identify critical files needed to purge or backup, import and export users and g roups and add or delete administrators from the command line Deploy Gateways using sysconfig and cpconfig from the Gateway command line Introduction to the Security Policy Given the network topology, create and configure network, host and gateway objec ts Verify SIC establishment between the Security Management Server and the Gateway using SmartDashboard Create a basic Rule Base in SmartDashboard that includes permissions for adminis trative users, external services, and LAN outbound use Configure NAT rules on Web and Gateway servers Evaluate existing policies and optimize the rules based on current corporate req uirements Maintain the Security Management Server with scheduled backups and policy versio ns to ensure seamless upgrades with minimal downtime Monitoring Traffic and Connections Use Queries in SmartView Tracker to monitor IPS and common network traffic and t roubleshoot events using packet data Using packet data on a given corporate network, generate reports, troubleshoot s ystem and security issues, and ensure network functionality Using SmartView Monitor, configure alerts and traffic counters, view a Gateway's status, monitor suspicious activity rules, analyze tunnel activity and monitor remote user access based on corporate requirements Using SmartUpdate Monitor remote Gateways using SmartUpdate to evaluate the need for upgrades, new installations, and license modifications Use SmartUpdate to apply upgrade packages to single or multiple VPN-1 Gateways Upgrade and attach product licenses using SmartUpdate User Management and Authentication Centrally manage users to ensure only authenticated users securely access the co rporate network either locally or remotely Manage users to access the corporate LAN by using external databases Identity Awareness Use Identity Awareness to provide granular level access to network resources Acquire user information used by the Security Gateway to control access Define Access Roles for use in an Identity Awareness rule Implement Identity Awareness in the Firewall Rule Base Introduction to Check Point VPNs Configure a pre-shared secret site-to-site VPN with partner sites Configure permanent tunnels for remote access to corporate resources Configure VPN tunnel sharing, given the difference between host-based, subunit-b ased and gateway-based tunnels Advanced Firewall Using your knowledge of Security Gateway infrastructure including chain modules,

packet flow and kernel tables, perform debugs on firewall processes. Advanced Upgrading Perform a backup of a Security Gateway and Management Server using your understa nding of the differences between backups, snapshots, and upgrade-exports. Upgrade and troubleshoot a Management Server using a database migration. Upgrade and troubleshoot a clustered Security Gateway deployment. Advanced User Management Using an external user database such as LDAP, configure SmartDirectory to incorp orate user information for authentication services on the network. Manage internal and external user access to resources for Remote Access or acros s a VPN. Troubleshoot user access issues found when implementing Identity Awareness. Advanced Clustering and Acceleration Build, test and troubleshoot a ClusterXL Load Sharing deployment on an enterpris e network. Build, test and troubleshoot a ClusterXL High Availability deployment on an ente rprise network. Build, test and troubleshoot a management HA deployment on an enterprise network . Configure, maintain and troubleshoot SecureXL and CoreXL acceleration solutions on the corporate network traffic to ensure noted performance enhancement on the firewall. Advanced IPsec VPN and Remote Access Using your knowledge of fundamental VPN tunnel concepts, troubleshoot a site-tosite or certificate-based VPN on a corporate gateway using IKEView, VPN log file s and command-line debug tools. Optimize VPN performance and availability by using Link Selection and Multiple E ntry Point solutions. Manage and test corporate VPN tunnels to allow for greater monitoring and scalab ility with multiple tunnels defined in a community including other VPN providers . SmartReporting and SmartEvent Create Events or use existing event definitions to generate reports on specific network traffic using SmartReporting and SmartEvent in order to provide industry compliance information to management. Using your knowledge of SmartEvent architecture and module communication, troubl eshoot report generation given command-line tools and debug-file information. LAB EXERCISES INCLUDE Distributed Installations Branch Office Security Gateway Installations CLI Tools Building a Security Policy Configure the DMZ Configure NAT Monitor with SmartView Tracker Client Authentication Identity Awareness Site-to-Site VPN between corporate and branch office Upgrading to Check Point R75 Migrating to a Clustering Solution Configuring SmartDashboard to interface with Active Directory Configuring Site-to-Site VPNs with Third Party Certificates Remote Access with Endpoint Security VPN Generating reports using SmartEvent and SmartReporter /////////////////////////

Check Point Security Bundle R75 (CCSA and CCSE) Content Details CCSA R75 1. Check Point Technology State Full Inspection Smart Console 2. Deployment Platforms Secure Platform IPSO Command-Line Interface (CLI) 3. Security Policy Build and Test a Security Policy Managing Objects Database Revision Control Policy Packages 4. Monitoring Traffic and Connections Smart View Monitor Smart View Tracker 5. User Management and Authentication User Authentication Session Authentication Client Authentication CCSE R75 6. Advanced Firewall Infrastructure Firewall Kernel Troubleshooting FW Chain Network Address Translation (NAT) Security Servers FW Monitor 7. Advanced Upgrading Backup Methods Upgrade Tools Smart Update Database Migration Upgrading Cluster Deployments 8. Advanced User MGMT Active Directory AU and Schemas Multiple AD Servers

Database Prioritization Troubleshooting User Authentication and Lightweight Directory AccessProtocol (LD AP) Identity Awareness HTTP Proxy (X-Forward) 9. Clustering and Acceleration Cluster XL Terms Sync Load Balancing Multicast Unicast Stick Connections Failover Management High Availability Sync Modes SecureXL SecureXL with VPNs Core XL 10. Advanced IPsec VPN and Remote Access IPsec IKE Phase 1+2 Remote Access VPNs VPN Modes Multi Entry Point (MEP) Troubleshooting/Logging/Debugging 11. Auditing and Reporting Standards Smart Event Smart Event Intro Smart Reporter Smart Event Architecture Migrating the Smart Event DB CCSA Lab 1 and 2: Distributed Install for Corporate and Branch Offices Lab 3: CLI Tools Lab 4: Building a Security Policy Lab 5: Configure DMZ Lab 6: Configure NAT Lab 7: Monitoring and SmartView Tracker

Lab 8: Integrate LDAP, Authentication Methods, and Database Revision Control CCSE Lab 1: Migrate MGMT Server Lab 2: Upgrade to R75 Environment with Clustered MGMT Servers, GWYs, and SmartUp date Lab 3: Identity Awareness Lab 4: Configure a Site-to-Site VPN with Third-Party Certifications UsingMicroso ft Certifications from an AD Server Lab 5: Configure a Remote User Using Endpoint Security to Allow Access toCorpora te Resources Lab 6: Configure and Schedule Events in Smart Event using Smart Reporter to View the Events. ///////////////////////////// Check Point Security Bundle R75 (CCSA and CCSE) This course efficiently combines the content of Check Point Security Administrat or (CCSA) R75 and Check Point Security Expert (CCSE) R75 into a Boot Camp-style course. Covering CCSA content, you will learn basic concepts and gain the skills necessa ry to configure Check Point Security Gateway and Management Software Blades. You will configure a security policy and learn to manage and monitor a secure netwo rk. You'll also upgrade and configure a Security Gateway to implement a virtual private network (VPN) for both internal and external remote users. In the CCSE section, you will cover advanced information on Check Point's Securi ty Gateway and Management Systems. Through hands-on training, you will gain the advanced skills necessary to manage and troubleshoot R75 Check Point Software Bl ades, including advanced firewall, advanced user management and clustering, adva nced IPsec and VPN, and remote access. You will perform debugs on firewall proce sses and optimize VPN performance. Certification: Check Point Certified Security Administrator (CCSA) R7x and Check Point Security Expert (CCSE) R7x What You'll Learn Secure communications across the Internet Defend against network threats Configure security policies Protect e-mail and messaging content Manage user access to corporate LANs Who Needs to Attend

Technical personnel who support, install, deploy, or administer Check Point Soft ware Blades, including: Systems administrators System engineers Security managers Network engineers Prerequisites Basic knowledge of networking Windows Server and/or UNIX skills Internet and TCP/IP experience Follow-On Courses There are no follow-ons for this course. Course Outline CCSA R75 1. Check Point Technology State Full Inspection Smart Console 2. Deployment Platforms Secure Platform IPSO Command-Line Interface (CLI) 3. Security Policy Build and Test a Security Policy Managing Objects Database Revision Control Policy Packages 4. Monitoring Traffic and Connections Smart View Monitor Smart View Tracker 5. User Management and Authentication User Authentication Session Authentication Client Authentication CCSE R75 6. Advanced Firewall Infrastructure Firewall Kernel Troubleshooting FW Chain Network Address Translation (NAT) Security Servers FW Monitor 7. Advanced Upgrading Backup Methods Upgrade Tools Smart Update Database Migration Upgrading Cluster Deployments 8. Advanced User MGMT Active Directory AU and Schemas Multiple AD Servers Database Prioritization Troubleshooting User Authentication and Lightweight Directory Access Protocol (L DAP) Identity Awareness HTTP Proxy (X-Forward) 9. Clustering and Acceleration Cluster XL Terms Sync

Load Balancing Multicast Unicast Stick Connections Failover Management High Availability Sync Modes SecureXL SecureXL with VPNs Core XL 10. Advanced IPsec VPN and Remote Access IPsec IKE Phase 1+2 Remote Access VPNs VPN Modes Multi Entry Point (MEP) Troubleshooting/Logging/Debugging 11. Auditing and Reporting Standards Smart Event Smart Event Intro Smart Reporter Smart Event Architecture Migrating the Smart Event DB Labs CCSA Lab 1 and 2: Distributed Install for Corporate and Branch Offices Lab 3: CLI Tools Lab 4: Building a Security Policy Lab 5: Configure DMZ Lab 6: Configure NAT Lab 7: Monitoring and SmartView Tracker Lab 8: Integrate LDAP, Authentication Methods, and Database Revision Control CCSE Lab 1: Migrate MGMT Server Lab 2: Upgrade to R75 Environment with Clustered MGMT Servers, GWYs, and Smart U pdate Lab 3: Identity Awareness Lab 4: Configure a Site-to-Site VPN with Third-Party Certifications Using Micros oft Certifications from an AD Server Lab 5: Configure a Remote User Using Endpoint Security to Allow Access to Corpor ate Resources Lab 6: Configure and Schedule Events in Smart Event using Smart Reporter to View the Events.