<%@ taglib uri="/bosetags.tld" prefix="bose" %>
     
 
Services  |  Support  |  Solutions  |  Education  |  Corporate
 
     
   
 

Education Services

Check Point Security
Administrator R71

Check Point Security
Expert R71

Additional Check Point Courses:
Managing Provider-1, SecurePlatform, Endpoint, and VSX

Course Schedule and Registration

Training Policy

Accomodations

  

Check Point Security Administrator R71

** The new R71 Administrator courseware is based on the R70 courseware, with significant improvement in the course flow and labwork, and newly designed content to cover CoreXL and the new IPS Software Blade.

Netanium also adds custom content to cover the use of R75's Identity Awareness and Applicaiton Control features.

Length 4-5 days
Prerequisites Basic networking knowledge, knowledge of Windows Server and/or UNIX, and experience with TCP/IP and the Internet

Take this class if
  • You are a systems administrator, security manager, or network engineer who manages R71 Security Gateway deployments on open servers, IP appliances, UTM-1 appliances, or Power-1 appliances.
  • Want to earn Check Point Certified Security Administrator (CCSA) R71 certification

Check Point Security Administration R71 is a foundation course for Check Point's Security Management Systems, Security Gateway Systems, and deployment platforms. This course provides an understanding of basic concepts and skills necessary to configure Check Point Software Blades including Firewall, IPSEC VPN, IPS, Network Policy Management, Logging & Status, and Monitoring, URL Filtering, Antivirus & Anti-malware, Anti-spam & Email Security. During this course, students will configure a Security Policy, secure communications across the Internet, defend against network threats, and learn about managing and monitoring a secure network.
You will learn
  • Design and install version R70 in a distributed environment
  • Perform a backup and restore the current installation.
  • Identify critical files
  • Deploy Gateways
  • Create and configure network, host and gateway objects.
  • Verify SIC establishment
  • Create a basic Rule Base
  • Configure NAT rules
  • Evaluate existing policies and optimize rules
  • Ensure seamless upgrades and minimal downtime.
  • Use queries to monitor IPS and common network traffic and troubleshoot events.
  • Generate reports, troubleshoot system and security issues, and ensure network functionality.
  • Configure alerts and traffic counters, monitor suspicious activity, analyze tunnel activity and monitor remote user access
  • Apply upgrade packages
  • Attach product licenses
  • Perform a pre-installation compatibility assessment
  • Centrally manage users and manage users’ access using external databases.
  • Configure a pre-shared secret site-to-site VPN.
  • Configure a certificate based site-to-site VPN using an internal CA or a third party CA.
  • Configure permanent tunnels for remote access.
  • Configure VPN tunnel sharing.
  • Configure Check Point Messaging Security to test IP Reputation, content based anti-spam, and zero hour virus detection.
  • Configure a Web-filtering and antivirus policy to filter and scan traffic.
  • Implement default or customized profiles to designated Gateways.
  • Create and install IPS policies.
Exercises
  • Distributed Installation
    • Install and configure the Security Management Server
    • Install SecurePlatform on the Security Gateway
    • Configure the Security Gateway using WebUI
    • Launch SmartDashboard
  • Branch Office Security Gateway Installation
    • Configure Branch Gateway via WebUI
  • Command Line Interface (CLI) Tools
    • Initialize the ICA
    • Set expert password
    • Add and delete administrators
    • Run backup and restore
  • Defining Basic Objects
    • Create Security Gateway Object
    • Create Rules for Corporate Gateway
    • Create the Remote Security Gateway Object
  • Configure DMZ
    • Configure DMZ Interface on the Gateway
    • Create a DMZ Object
  • Configure NAT
    • Configure Hide NAT
    • Configure Static NAT
    • Observe NAT using fw monitor
  • Monitoring with SmartView Tracker
    • Launch SmartView Tracker
    • Track by Source and Destination
  • Using SmartUpdate
    • Get Gateway data and run Cpinfo
    • Download HFA Package
  • Upgrade a Security Gateway Locally
  • Client Authentication
    • Configure Manual Client Authentication with FTP and Local User
    • Configure Partially Automatic Client Authentication with LDAP
    • Test Active Directory Authentication
    • Create a Database Revision
  • Configure a Site-to-Site VPN
    • Define the VPN Domain
    • Create the VPN Community
    • Create VPN Rule
    • Test VPN Connection
    • VPN Troubleshooting
  • Configure Two Gateway IKE Encryption Using Certificates
    • Save a Certificate for Export
    • Add Machine to VPN Community
    • Create a Certificate Authority
    • Modify Rule Base
    • Install and Verify Security Gateway Configuration
    • Test Encryption with Certificates
    • Revert to Standard Security Policy
  • Remote Access and Office Mode
    • Create Remote Access Group
    • Configure Gateway for IKE Encryption and LDAP Authentication
    • Configure VPN Domain
    • Configure Office Mode IP Pool
    • Configure Remote Access Object
    • Modify Rule Base for Remote Access
    • Create a Site Using Site Wizard
    • Verifying Office Mode IP Assignment
    • Test Remote Connection
  • Messaging and Content Security
    • Configure IPS for Preliminary Detection
    • Analyze Attacks
    • Reconfiguring IPS to Block Attacks
    • Review Logs



 
 

 

  


 
 

Services  |  Support  |  Solutions  |  Education   |  Corporate