Curso actualmente no disponible
Sicap

Check Point Security Expert R75

Sicap
En Miguel Hidalgo ()

$ 50,999
más IVA
*Precio Orientativo
Importe original en USD:
US$ 2,500
¿Quieres hablar con un Asesor sobre este curso?

Información importante

Tipología Capacitación laboral
Duración 3 Días
  • Capacitación laboral
  • Duración:
    3 Días
Descripción

This course intended to provide you with and understanding of key concepts skills necessary to effectively build, deploy and troubleshoot a network using the Check Point Security Firewall.

The CCSE course provides you with the following key elements:
• Advanced and indepth explanation of Firewall-1 technology
• Key tips and techniques for troubleshooting
• Advanced upgrading concepts and practices
• Advanced user management and troubleshooting Identify Awareness
• Clustering firewall, management concepts and practices
• Software acceleration features
• Advanced VPN concepts and implementations
• Reporting tools, deployment options and features

Course Design
This course is designed for experts users and resellers who need to perform advanced deployment configurations of a Security Gateway.

Preguntas Frecuentes

· Requisitos

Successful completion of this course depends on knowledge of multiple disciplines related to network-security activities: • Unix and Windows operating systems • Certificate management • System administration • CCSA certification • Networking (TCP/IP)

Opiniones

0.0
No valorado
Valoración del curso
100%
Lo recomiendan
5.0
excelente
Valoración del Centro

Reseñas de este curso

No hay opiniones de este curso todavía
* Reseñas reunidas por Emagister & iAgora

¿Qué aprendes en este curso?

This course intended to provide you with and understanding of key concepts skills necessary to effectively build
Deploy and troubleshoot a network using the Check Point Security Firewall
Firewall
Advanced Firewall
Security Gateway
Inbound and Outbound Packet Flow
Auditing and Report
Advanced IPsec VPN and Remote Access
Clustering and Acceleration
Advanced User Management

Profesores

Iván Cazañas
Iván Cazañas
Security Product Manager

Programa académico

Chapter 1: Advanced Firewall

· Chapter 1: Advanced Firewall

· Chapter Objectives

· Firewall-1 Infrastructure

· GUI Clients

· Management

· Security Gateway

· User and Kernel Mode Processes

· The CPD Core Process

· FWM

· FWSSD

· Inbound and Outbound Packet Flow

· Inbound FW CTL Chain Modules

· Outbound Chain Modules

· Columns in a Chain

· Stateful Inspection

· Kernel Tables

· Connections Table

· Connections Table Format

· FW Tab Command

· FireWall-1 Key Features

· Packet Inspection Flow

· Policy Installation Flow

· Policy Installation Process

· Policy Installation Process Flow

· NAT

· How NAT Works

· fwx_alloc

· Hide NAT Process

· Security Servers

· How a security Server Works

· Basic FireWall-1 Administration

· Common Commands

· User Mode Debug

· Isolate the Problem

· FW Monitor

· What is FW Monitor

· C2S and S2C Connections

· Architecture

· Fine Tuning

· Sampling Interval

· Chapter 1 - Review Question

Chapter 2: Advanced Upgrading

· Chapter 2: Advanced Upgrading

· Chapter Objectives

· Backup and Restore Security Gateways and Management Servers

· Snapshot and Revert

· Backup and Restore

· Upgrade Tools

· Back up Schedule Recommendations

· Performing Upgrades

· SMS Upgrade and Database Migration

· Workflow

· Upgrade Cluster Deployments

· Minimal Effort Upgrade

· Zero Downtime

· Full Connectivity Upgrade

· Chapter 2 - Review Question

Chapter 3: Advanced User Management

· Chapter 3: Advanced User Management

· Chapter Objectives

· User Management

· Active Directory OU Structure

· Using LDAP Servers with Check Point

· LDAP User Management with SmartDirectory

· Defining an Account Unit

· Configuring Active Directory

· Schemas

· Multiple SmartDirectory (LDAP) Servers

· Authentication Process Flow

· Limitations of Authentications Flow

· Limitations of Authentication Flow

· SmartDirectory (LDAP) Profiles

· Troubleshooting User Authentication and SmartDirectory

· Common Configuration Pitfalls

· Some LDAP Tools

· Troubleshooting User Authentication

· Identify Awareness

· Enabling AD Query

· AD Query Setup

· Identifying users behind an HTTP proxy

· Verifying there´s a logged and AD user at the source IP

· Checking the source computer OS

· Using Smartview Tracker

· Chapter 3 - Review Question

Chapter 4: Clustering and Acceleration

· Chapter 4: Advanced Clustering and Acceleration

· Objectives

· Clustering and Acceleration

· Cluster XL

· Cluster Synchronization

· Synchronized-Cluster Restrictions

· Securing the Sync Interface

· To Synchronize or Not to Synchronize

· Clustering Terms

· Cluster XL: Load Balancing

· Multicast Load Sharing

· Unicast Load Sharing

· How Packets Travel Through a Unicast LS Cluster

· Sticky Connections

· The Sticky Decision Function

· Maintenance Tasks and Tools

· Perform a Manual Failover of the FW Cluster

· Advanced Cluster Configuration Examples

· Management HA

· The Management High Availability Environment

· Active vs Standby

· What Data is Backed Up?

· Synchronization Modes

· Synchronization Status

· SecureXL: Security Acceleration

· What SecureXL Does

· Packet Acceleration

· Session Rate Acceleration

· Masking the Source Port

· Application Layer Protocol – An example with HTTP

· HTTP 1.1

· Factors that Prelude Acceleration

· Factors that Prelude Templating (Session Acceleration)

· Packet flow

· SecureXL API

· VPN Capabilities

· CoreXL: Multicore Acceleration

· Supported Platforms and Features

· Default Configuration

· Processing Core Allocation

· Allocating Processing Cores

· Adding Processing Cores to the Hardware

· Allocating an Additional Core to the SND

· Allocating a Core for Heavy Logging

· Packet Flows with SecureXL Enabled

· Chapter 4 - Review Question

Chapter 5: Advanced IPsec VPN and Remote Access

· Chapter 5: Advanced IPsec VPN Remote Access

· Objectives

· Advanced VPN Concepts and Practices

· IPsec

· Internet Key Exchange (IKE)

· IKE Key Exchange Process – Phase 1

· Phase 2 Stages

· Remote Access VPNs

· Connection Initiation

· Link Selection

· Multiple Entry Point VPNs

· How Does MEP Work

· Explicit MEP

· Implicit MEP

· Tunnel Management

· Permanent Tunnels

· Tunnel Testing

· VPN Tunnel Sharing

· Tunnel–Management Configuration

· Permanent–Tunnel Configuration

· Tracking Options

· Advanced Permanent-Tunnel Configuration

· Troubleshooting

· VPN Log Files

· vpn debug Command

· vpn Command

· vpn debug on І off

· vpn debug ikeon І ikeoff

· vpn tu

· vpn debug trunk

· VPN Enviroment Variables

· Comparing SAs

· Examples

· VPN Encryption Issues

· Example 1

· Example 2

· Chapter 5 - Review Question

Chapter 6: Auditing and Report

· Chapter 6: Auditing and Report

· Objectives

· Auditing and Reporting Processes

· Auditing and Reporting Standards

· SmartEvent

· SmartEvent Intro

· SmartReporter

· Report Types

· SmartEvent Architecture

· Component Communication Process

· Event Policy User Interface

· Migrating the SmartEvent Database

· Chapter 6- Review Question

Appendix IUser Mode Debug

· Running User-Mode Debug

· OPSEC

· TDERROR

· HERROR

· fw debug

· Analyze Debug Output

· Perform a Core Dump

· Kernel Debug

· Debugging Flags

· Kernel Debugging Tips

· Examples

Appendix II Chapter Questions and Answers

· Chapter 1 – Review Questions & Answers

· Chapter 2 – Review Questions & Answers

· Chapter 3 – Review Questions & Answers

· Chapter 4 – Review Questions & Answers

· Chapter 5 – Review Questions & Answers

Chapter 6 – Review Questions & Answers

Información adicional

Instructional Method This course is available in either classroom or self-paced online formats, and includes access to a live lab environment, as well as demonstrations and the practical application of concepts through hands-on exercises.

Los usuarios que se interesaron por este curso también han mostrado interés por...
Ver más cursos similares