Check Point Security Engineer is an Advanced 3-day course that teaches how to build, modify,deploy and troubleshoot Check Point Security Systems on the GAiA Operating system. Hands-on lab exercises teach how to debug firewall processes, optimize VPN performance and upgrade Management Servers.We will study firewall processes and take a close look at kernel and user processing and Stateful Inspection. Labs contain implementing VPNs, configuring security gateways, and performing advanced troubleshooting tasks on the firewall.

Audience:

System Administrators, Security Managers, Network Engineers and Individual seeking CCSE certification.

Prerequisites:

Must be CCSA Certified with good knowledge of FireWall.

Duration of the course: Part Time : 18 Days (2 hrs/day)
Full Time : 3 days (8 hrs/day)

Key Benefits:

On completion of this course you will be able to implement and deploy site- to-site and remote VPN, Content Vectoring, URL filtering and Load balancing between firewalls.

Course Contents:

  • Perform a backup of a Security Gateway and Management Server using your understanding of the differences between backups, snapshots and update-exports.
  • Upgrade and troubleshoot a Management Server using a database migration.
  • Upgrade and troubleshoot a clustered Security Gateway deployment.
  • Use knowledge of Security Gateway infrastructures, chain modules, packet flow and kernel tables to perform debugs on firewall processes.
  • Build, test and troubleshoot a ClusterXL Load Sharing deployment on an enterprise network.
  • Build, test and troubleshoot a ClusterXL High Availability deployment on an enterprise network.
  • Build, test and troubleshoot a management HA deployment on an enterprise network.
  • Configure, maintain and troubleshoot SecureXL and CoreXL acceleration solutions on the corporate network traffic to ensure noted performance enhancement.
  • Using an external user database such as LDAP, configure User Directory to incorporate user information for authentication services on the network.
  • Manage internal and external user access to resources for Remote Access or across a VPN.
  • Troubleshoot user access issues found when implementing Identity Awareness.
  • Troubleshoot a site-to-site or certificate-based VPN on a corporate gateway using IKE View, VPN log files and command-line debug tools.
  • Optimize VPN performance and availability by using Link Selection and Multiple Entry Point solutions.
  • Manage and test corporate VPN tunnels to allow for greater monitoring and scalability with multiple tunnels defined in a community including other VPN providers.
  • Create events or use existing event definitions to generate reports on specific network traffic using SmartReporter and SmartEvent to provide industry compliance information to management.
  • Troubleshoot report generation given command-line tools and debug-file information.