Check Point Security Administrator R70



Similar documents
Security Administration R77

R75. Installation and Upgrade Guide

Multi-Domain Security Management

Security Management Server

Checkpoint Accelerated CCSE NGX R65. Practice Test. Version 2.1

Scenario: Remote-Access VPN Configuration

Scenario: IPsec Remote-Access VPN Configuration

VPN-1 VE Evaluation Guide

Checkpoint Check Point Provider-1 NGX (v4) Practice Test. Version 2.1

ANNEXURE TO TENDER NO. MRPU/IGCAR/COMP/5239

SmartView Monitor. R77 Versions. Administration Guide. 21 May Classification: [Protected]

How To Backup a SmartCenter

Fortinet Certified Network Security Administrator

Configuring an IPsec VPN to provide ios devices with secure, remote access to the network

Using IPsec VPN to provide communication between offices

Creating a Gateway to Client VPN between Sidewinder G2 and a Mac OS X Client

Table of Contents. Introduction. Audience. At Course Completion

Cisco ASA. Administrators

Check Point Certified Security Administrator (CCSA) 50 Cragwood Rd, Suite 350 South Plainfield, NJ 07080

McAfee Next Generation Firewall (NGFW) Administration Course

SSL VPN Technology White Paper

I. What is VPN? II. Types of VPN connection. There are two types of VPN connection:

FortiGate Multi-Threat Security Systems I Administration, Content Inspection and SSL VPN Course #201

Steps for Basic Configuration

Introduction to Endpoint Security

Configuring Windows 2000/XP IPsec for Site-to-Site VPN

Configuring IPsec VPN with a FortiGate and a Cisco ASA

How To Configure Syslog over VPN

Endpoint Security Management Server

SonicWALL Global Management System Configuration Guide Standard Edition

21.4 Network Address Translation (NAT) NAT concept

SonicWALL Security Quick Start Guide. Version 4.6

Deployment Guide: Transparent Mode

NETASQ MIGRATING FROM V8 TO V9

IPsec VPN Application Guide REV:

CHECK POINT. Software Blade Architecture. Secure. Flexible. Simple.

74% 96 Action Items. Compliance

How To Set Up Checkpoint Vpn For A Home Office Worker

Check Point NGX VoIP Hotfix-1 Release Notes June 2006

Microsoft Administering the Web Server (IIS) Role of Windows Server

SolarWinds Log & Event Manager

Table of Contents. Introduction

Firewall R76. Administration Guide. 14 February Classification: [Protected]

Forcepoint Stonesoft Management Center

Citrix NetScaler 10.5 Essentials for ACE Migration CNS208; 5 Days, Instructor-led

Release Notes. Release Purpose... 1 Platform Compatibility... 1 Upgrading Information... 1 Browser Support... 2 Known Issues... 3 Resolved Issues...

Configuration Guide. How to set up the IPSec site-to-site Tunnel between the D-Link DSR Router and the Fortinet Firewall. Overview

Astaro User Portal: Getting Software and Certificates Astaro IPsec Client: Configuring the Client...14

Firewall Troubleshooting

Endpoint Security VPN for Mac

Configuring Windows Server 2008 Network Infrastructure

UNIFIED THREAT MANAGEMENT SOLUTIONS AND NEXT-GENERATION FIREWALLS ADMINISTRATION TOOLS NETWORK SECURITY I ENDPOINT SECURITY I DATA SECURITY

Configuring Check Point VPN-1/FireWall-1 and SecuRemote Client with Avaya IP Softphone via NAT - Issue 1.0

Network/VPN Overlap How-To with SonicOS 2.0 Enhanced Updated 9/26/03 SonicWALL,Inc.

Cisco ASA 5500-X Series ASA 5512-X, ASA 5515-X, ASA 5525-X, ASA 5545-X, and ASA 5555-X

McAfee Web Gateway Administration Intel Security Education Services Administration Course Training

Check Point FW-1/VPN-1 NG/FP3

Cert Pro 4/17/01 2:05 AM Page 1 T HE C HECK P OINT. Certified Professional Program SECURE.

Cyberoam Virtual Security Appliance - Installation Guide for VMware ESX/ESXi. Version 10

Citrix NetScaler 10 Essentials and Networking

Configuring a Check Point FireWall-1 to SOHO IPSec Tunnel

Endpoint Security VPN for Mac

How To Configure A Kiwi Ip Address On A Gbk (Networking) To Be A Static Ip Address (Network) On A Ip Address From A Ipad (Netware) On An Ipad Or Ipad 2 (

QUESTION: 1 Which of the following are valid authentication user group types on a FortiGate unit? (Select all that apply.)

Implementing and Administering Security in a Microsoft Windows Server 2003 Network

Data Loss Prevention. R77 Versions. Administration Guide. 5 May Classification: [Protected]

VPN Tracker for Mac OS X

Configuring Trend Micro Content Security

CNS-207 Implementing Citrix NetScaler 10.5 for App and Desktop Solutions

Implementing Core Cisco ASA Security (SASAC)

Release Notes. Release Purpose... 1 Platform Compatibility... 1 Upgrading Information... 1 Browser Support... 1 Known Issues... 2 Resolved Issues...

7. Configuring IPSec VPNs

Deploying the Barracuda Link Balancer with Cisco ASA VPN Tunnels

NESCOT Cyberoam Training Academy

What is the Barracuda SSL VPN Server Agent?

Securing Networks with PIX and ASA

Cisco AnyConnect Secure Mobility Solution Guide

"Charting the Course... Implementing Citrix NetScaler 11 for App and Desktop Solutions CNS-207 Course Summary

How do I set up a branch office VPN tunnel with the Management Server?

Implementing Cisco IOS Network Security

10972B: Administering the Web Server (IIS) Role of Windows Server

Check Point QoS. Administration Guide Version R70

Administering the Web Server (IIS) Role of Windows Server

vshield Administration Guide

Administering the Web Server (IIS) Role of Windows Server 10972B; 5 Days

Configuration Guide. How to set up the IPSec site-to-site Tunnel between the D-Link DSR Router and the Sonicwall Firewall.

Configuring High Availability for Embedded NGX Gateways in SmartCenter

Security Gateway R75. for Amazon VPC. Getting Started Guide

CISCO IOS NETWORK SECURITY (IINS)

How To Establish IPSec VPN between Cyberoam and Microsoft Azure

Case Study for Layer 3 Authentication and Encryption

Firewall Defaults and Some Basic Rules

Configuring a Site-to-Site VPN Tunnel Between Cisco RV320 Gigabit Dual WAN VPN Router and Cisco (1900/2900/3900) Series Integrated Services Router

VPN Tracker for Mac OS X

CNS-205 Citrix NetScaler 10 Essentials and Networking

Did you know your security solution can help with PCI compliance too?

Global VPN Client Getting Started Guide

Quality of Service R75. Administration Guide

Fireware Essentials Exam Study Guide

Configuring SSL VPN on the Cisco ISA500 Security Appliance

Transcription:

Page 1 of 6 Check Point Security Administrator R70 Check Point Security Administration R70 Length Prerequisites 5 days* (recommended) Basic networking knowledge, knowledge of Windows Server and/or UNIX, and experience with TCP/IP and the Internet Take this class if You are a systems administrator, security manager, or network engineer who manages R70 Security Gateway deployments on open servers, IP appliances, UTM-1 appliances, or Power-1 appliances. Want to earn Check Point Certified Security Administrator (CCSA) R70 certification Check Point Security Administration R70 is a foundation course for Check Point's Security Management Systems, Security Gateway Systems, and deployment platforms. This course provides an understanding of basic concepts and skills necessary to configure Check Point Software Blades including Firewall, IPSEC VPN, IPS, Network Policy Management, Logging & Status, and Monitoring, URL Filtering, Antivirus & Anti-malware, Anti-spam & Email Security. During this course, students will configure a Security Policy, secure communications across the Internet, defend against network threats, and learn about managing and monitoring a secure network. More details Table of Contents Sample Chapter Courseware Objectives You will learn Design and install version R70 in a distributed environment Perform a backup and restore the current installation. Identify critical files Deploy Gateways Create and configure network, host and gateway objects. Verify SIC establishment Create a basic Rule Base Configure NAT rules Evaluate existing policies and optimize rules Ensure seamless upgrades and minimal downtime. Use queries to monitor IPS and common network traffic and troubleshoot events. Generate reports, troubleshoot system and security issues, and ensure network functionality. Configure alerts and traffic counters, monitor suspicious activity, analyze tunnel activity and monitor remote user access Apply upgrade packages Attach product licenses

Page 2 of 6 Perform a pre-installation compatibility assessment Centrally manage users and manage users access using external databases. Configure a pre-shared secret site-to-site VPN. Configure a certificate based site-to-site VPN using an internal CA or a third party CA. Configure permanent tunnels for remote access. Configure VPN tunnel sharing. Configure Check Point Messaging Security to test IP Reputation, content based anti-spam, and zero hour virus detection. Configure a Web-filtering and antivirus policy to filter and scan traffic. Implement default or customized profiles to designated Gateways. Create and install IPS policies. Exercises Distributed Installation Install and configure the Security Management Server Install SecurePlatform on the Security Gateway Configure the Security Gateway using WebUI Launch SmartDashboard Branch Office Security Gateway Installation Configure Branch Gateway via WebUI Command Line Interface (CLI) Tools Initialize the ICA Set expert password Add and delete administrators Run backup and restore Defining Basic Objects Create Security Gateway Object Create Rules for Corporate Gateway Create the Remote Security Gateway Object Configure DMZ Configure DMZ Interface on the Gateway Create a DMZ Object Configure NAT Configure Hide NAT Configure Static NAT Observe NAT using fw monitor Monitoring with SmartView Tracker Launch SmartView Tracker Track by Source and Destination Using SmartUpdate Get Gateway data and run Cpinfo Download HFA Package Upgrade a Security Gateway Locally Client Authentication Configure Manual Client Authentication with FTP and Local User Configure Partially Automatic Client Authentication

Page 3 of 6 with LDAP Test Active Directory Authentication Create a Database Revision Configure a Site-to-Site VPN Define the VPN Domain Create the VPN Community Create VPN Rule Test VPN Connection VPN Troubleshooting Configure Two Gateway IKE Encryption Using Certificates Save a Certificate for Export Add Machine to VPN Community Create a Certificate Authority Modify Rule Base Install and Verify Security Gateway Configuration Test Encryption with Certificates Revert to Standard Security Policy Remote Access and Office Mode Create Remote Access Group Configure Gateway for IKE Encryption and LDAP Authentication Configure VPN Domain Configure Office Mode IP Pool Configure Remote Access Object Modify Rule Base for Remote Access Create a Site Using Site Wizard Verifying Office Mode IP Assignment Test Remote Connection Messaging and Content Security Configure IPS for Preliminary Detection Analyze Attacks Reconfiguring IPS to Block Attacks Review Logs Check Point Certified Security Administrator R70 (CCSA R70) With over 24,000 CCSA certified professionals worldwide, CCSA certification is one of the most highly recognized and respected vendor-specific security certifications available. The foundation of Check Point certifications, CCSA R70 certification validates a Security Administrator's ability to maintain day-to-day operation of Check Point security solutions and ensure secure access to information across the network. Proficiencies include creating and installing Security Policies, using logging and reporting features, and managing anti-spoofing, Network Address Translation (NAT), and OPSEC applications. More information on specific topics, skills, and competencies covered by CCSA R70 certification is available in the course and exam details.

Page 4 of 6 Exam: #156-215.70 Course: Check Point Security Administration R70 Products: VPN-1, SmartCenter, SmartConsole, IPS Competencies: Backup and restore, monitoring tools, object creation, Rule Base construction, VPNs, NAT, authentication (including LDAP), user management Exam:156-215.70 Course: Check Point Security Administration R70 Prepares you for Certifications: CCSA R70, CCSE R70 Passing exam #156-215.70 earns you "Check Point Certified Security Administrator R70 (CCSA R70)" certification. Objectives Check Point Technology Overview Describe Check Point s unified approach to network management, and the key elements of this architecture Design a distributed environment using the network detailed in the course topology Install the Security Gateway version R70 in a distributed environment using the network detailed in the course topology Check Point Software Blades Given CheckPoint's latest integration of CoreXL technology, select the best security solution for your corporate environment Deployment Platforms Given network specifications, perform a backup and restore the current Gateway installation from the command line Identify critical files needed to purge or backup, import and export users and groups and add or delete administrators from the command line Deploy Gateways using sysconfig and cpconfig from the Gateway command line Use the Command Line to assist support in troubleshooting common problems on the Security Gateway Introduction to the Security Policy Given the network topology, create and configure network, host and gateway objects Verify SIC establishment between the SmartCenter Server and the Gateway using SmartDashboard Create a basic Rule Base in SmartDashboard that

Page 5 of 6 includes permissions for administrative users, external services, and LAN outbound use Configure NAT rules on Web and Gateway servers Evaluate existing policies and optimize the rules based on current corporate requirements Maintain the Security Management Server with scheduled backups and policy versions to ensure seamless upgrades and minimal downtime Monitoring Traffic and Connections Use queries in SmartView Tracker to monitor IPS and common network traffic and troubleshoot events using packet data Using packet data on a given corporate network, generate reports, troubleshoot system and security issues, and ensure network functionality Using SmartView Monitor, configure alerts and traffic counters, view a Gateway's status, monitor suspicious activity rules, analyze tunnel activity and monitor remote user access based on corporate requirements Using SmartUpdate Monitor remote Gateways using SmartUpdate to evaluate the need for upgrades, new installations, and license modifications Use SmartUpdate to apply upgrade packages to single or multiple VPN-1 Gateways Upgrade and attach product licenses using SmartUpdate Upgrading to R70 Based on current products or platforms used in an enterprise network, perform a preinstallation compatibility assessment before upgrading to R70 Given R70 licensing restrictions, obtain a license key Install a Contract File on platforms such as Windows, SecurePlatform, Linux, Solaris and IPSO User Management and Authentication Centrally manage users to ensure only authenticated users securely access the corporate network either locally or remotely Manage users to access to the corporate LAN by using external databases Encryption and VPNs Select the most appropriate encryption algorithm when securing communication over a VPN, based on corporate requirements Establish VPN connections to partner sites in order to establish access to a central database by configuring Advanced IKE properties Introduction to VPNs Configure a pre-shared secret site-to-site VPN with partner sites Configure a certificate based site-to-site VPN using one

Page 6 of 6 partner's internal Configure a certificate based site-to-site VPN using a third-party CA Configure permanent tunnels for remote access to corporate resources Configure VPN tunnel sharing, given the difference between hostbased, subnet-based and gateway-based tunnels Messaging and Content Security Configure Check Point Messaging Security to test IP Reputation, content based anti-spam, and zero hour virus detection Based on network analysis disclosing threats by specific sites, configure a Web-filtering and antivirus policy to filter and scan traffic Check Point IPS Implement default or customized profiles to designated Gateways in the corporate network Manage profiles by tracking changes to the network, including performance degradation, and troubleshoot issues with the network related to specific IPS policy rules Create and install IPS policies Take advantage of the latest special offers on R70 classes, and then register for training with an ATC near you! *Course length and price may vary by ATC. Please contact your local ATC for detailed information. 2010 Check Point Software Technologies Ltd. All rights reserved.

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information