Curso actualmente no disponible
Check Point Security Expert R75
Capacitación laboral
En Miguel Hidalgo ()
*Precio estimado
Importe original en USD:
$ 2,500
¿Necesitas un coach de formación?
Te ayudará a comparar y elegir el mejor curso para ti y a financiarlo en cómodas cuotas mensuales.
Descripción
-
Tipología
Capacitación laboral
-
Duración
3 Días
This course intended to provide you with and understanding of key concepts skills necessary to effectively build, deploy and troubleshoot a network using the Check Point Security Firewall.
The CCSE course provides you with the following key elements:
• Advanced and indepth explanation of Firewall-1 technology
• Key tips and techniques for troubleshooting
• Advanced upgrading concepts and practices
• Advanced user management and troubleshooting Identify Awareness
• Clustering firewall, management concepts and practices
• Software acceleration features
• Advanced VPN concepts and implementations
• Reporting tools, deployment options and features
Course Design
This course is designed for experts users and resellers who need to perform advanced deployment configurations of a Security Gateway.
Acerca de este curso
Successful completion of this course depends on knowledge of multiple disciplines related to network-security activities:
• Unix and Windows operating systems
• Certificate management
• System administration
• CCSA certification
• Networking (TCP/IP)
Opiniones
Materias
- Firewall
- Advanced Firewall
- Security Gateway
- Inbound and Outbound Packet Flow
- Auditing and Report
- Advanced IPsec VPN and Remote Access
- Clustering and Acceleration
- Advanced User Management
Profesores
Iván Cazañas
Security Product Manager
Programa académico
Chapter 1: Advanced Firewall
· Chapter 1: Advanced Firewall
· Chapter Objectives
· Firewall-1 Infrastructure
· GUI Clients
· Management
· Security Gateway
· User and Kernel Mode Processes
· The CPD Core Process
· FWM
· FWSSD
· Inbound and Outbound Packet Flow
· Inbound FW CTL Chain Modules
· Outbound Chain Modules
· Columns in a Chain
· Stateful Inspection
· Kernel Tables
· Connections Table
· Connections Table Format
· FW Tab Command
· FireWall-1 Key Features
· Packet Inspection Flow
· Policy Installation Flow
· Policy Installation Process
· Policy Installation Process Flow
· NAT
· How NAT Works
· fwx_alloc
· Hide NAT Process
· Security Servers
· How a security Server Works
· Basic FireWall-1 Administration
· Common Commands
· User Mode Debug
· Isolate the Problem
· FW Monitor
· What is FW Monitor
· C2S and S2C Connections
· Architecture
· Fine Tuning
· Sampling Interval
· Chapter 1 - Review Question
Chapter 2: Advanced Upgrading
· Chapter 2: Advanced Upgrading
· Chapter Objectives
· Backup and Restore Security Gateways and Management Servers
· Snapshot and Revert
· Backup and Restore
· Upgrade Tools
· Back up Schedule Recommendations
· Performing Upgrades
· SMS Upgrade and Database Migration
· Workflow
· Upgrade Cluster Deployments
· Minimal Effort Upgrade
· Zero Downtime
· Full Connectivity Upgrade
· Chapter 2 - Review Question
Chapter 3: Advanced User Management
· Chapter 3: Advanced User Management
· Chapter Objectives
· User Management
· Active Directory OU Structure
· Using LDAP Servers with Check Point
· LDAP User Management with SmartDirectory
· Defining an Account Unit
· Configuring Active Directory
· Schemas
· Multiple SmartDirectory (LDAP) Servers
· Authentication Process Flow
· Limitations of Authentications Flow
· Limitations of Authentication Flow
· SmartDirectory (LDAP) Profiles
· Troubleshooting User Authentication and SmartDirectory
· Common Configuration Pitfalls
· Some LDAP Tools
· Troubleshooting User Authentication
· Identify Awareness
· Enabling AD Query
· AD Query Setup
· Identifying users behind an HTTP proxy
· Verifying there´s a logged and AD user at the source IP
· Checking the source computer OS
· Using Smartview Tracker
· Chapter 3 - Review Question
Chapter 4: Clustering and Acceleration
· Chapter 4: Advanced Clustering and Acceleration
· Objectives
· Clustering and Acceleration
· Cluster XL
· Cluster Synchronization
· Synchronized-Cluster Restrictions
· Securing the Sync Interface
· To Synchronize or Not to Synchronize
· Clustering Terms
· Cluster XL: Load Balancing
· Multicast Load Sharing
· Unicast Load Sharing
· How Packets Travel Through a Unicast LS Cluster
· Sticky Connections
· The Sticky Decision Function
· Maintenance Tasks and Tools
· Perform a Manual Failover of the FW Cluster
· Advanced Cluster Configuration Examples
· Management HA
· The Management High Availability Environment
· Active vs Standby
· What Data is Backed Up?
· Synchronization Modes
· Synchronization Status
· SecureXL: Security Acceleration
· What SecureXL Does
· Packet Acceleration
· Session Rate Acceleration
· Masking the Source Port
· Application Layer Protocol – An example with HTTP
· HTTP 1.1
· Factors that Prelude Acceleration
· Factors that Prelude Templating (Session Acceleration)
· Packet flow
· SecureXL API
· VPN Capabilities
· CoreXL: Multicore Acceleration
· Supported Platforms and Features
· Default Configuration
· Processing Core Allocation
· Allocating Processing Cores
· Adding Processing Cores to the Hardware
· Allocating an Additional Core to the SND
· Allocating a Core for Heavy Logging
· Packet Flows with SecureXL Enabled
· Chapter 4 - Review Question
Chapter 5: Advanced IPsec VPN and Remote Access
· Chapter 5: Advanced IPsec VPN Remote Access
· Objectives
· Advanced VPN Concepts and Practices
· IPsec
· Internet Key Exchange (IKE)
· IKE Key Exchange Process – Phase 1
· Phase 2 Stages
· Remote Access VPNs
· Connection Initiation
· Link Selection
· Multiple Entry Point VPNs
· How Does MEP Work
· Explicit MEP
· Implicit MEP
· Tunnel Management
· Permanent Tunnels
· Tunnel Testing
· VPN Tunnel Sharing
· Tunnel–Management Configuration
· Permanent–Tunnel Configuration
· Tracking Options
· Advanced Permanent-Tunnel Configuration
· Troubleshooting
· VPN Log Files
· vpn debug Command
· vpn Command
· vpn debug on І off
· vpn debug ikeon І ikeoff
· vpn tu
· vpn debug trunk
· VPN Enviroment Variables
· Comparing SAs
· Examples
· VPN Encryption Issues
· Example 1
· Example 2
· Chapter 5 - Review Question
Chapter 6: Auditing and Report
· Chapter 6: Auditing and Report
· Objectives
· Auditing and Reporting Processes
· Auditing and Reporting Standards
· SmartEvent
· SmartEvent Intro
· SmartReporter
· Report Types
· SmartEvent Architecture
· Component Communication Process
· Event Policy User Interface
· Migrating the SmartEvent Database
· Chapter 6- Review Question
Appendix IUser Mode Debug
· Running User-Mode Debug
· OPSEC
· TDERROR
· HERROR
· fw debug
· Analyze Debug Output
· Perform a Core Dump
· Kernel Debug
· Debugging Flags
· Kernel Debugging Tips
· Examples
Appendix II Chapter Questions and Answers
· Chapter 1 – Review Questions & Answers
· Chapter 2 – Review Questions & Answers
· Chapter 3 – Review Questions & Answers
· Chapter 4 – Review Questions & Answers
· Chapter 5 – Review Questions & Answers
Chapter 6 – Review Questions & AnswersInformación adicional
¿Necesitas un coach de formación?
Te ayudará a comparar y elegir el mejor curso para ti y a financiarlo en cómodas cuotas mensuales.
Check Point Security Expert R75
*Precio estimado
Importe original en USD:
$ 2,500