We provide virtual course about Check Point Cyber Security Engineering (CCSE) R81.20. This advanced three-day course teaches how to build, modify, deploy and troubleshoot the R81.20 Check Point Security Systems on the GAiA operating system.
Course description:
Hands-on lab exercises teach how to debug firewall processes, optimize VPN performance and upgrade Management Servers. This course is also the recommended training for CCSE certification. Learn advanced concepts and develop skills necessary to design, deploy, and upgrade Check Point Security environments.
Course objectives:
In this training you will learn how to:
• Identify basic interfaces used to manage the Check Point environment
• Identify the types of technologies that Check Point supports for automation
• Explain the purpose of the Check Management High Availability (HA) deployment
• Identify the workflow followed to deploy a Primary and solution Secondary servers
• Explain the basic concepts of Clustering and ClusterXL, including protocols, synchronization, connection stickyness
• Identify how to exclude services from synchronizing or delaying synchronization
• Explain the policy installation flow
• Explain the purpose of dynamic objects, updatable objects and network feeds
• Understand how to manage user access for internal and external users
• Describe the Identity Awareness components and configurations
• Describe different Check Point Threat Prevention solutions
• Articulate how the Intrusion Prevention System is configured
• Obtain knowledge about Check Point's IoT Protect
• Explain the purpose of Domain-based VPNs
• Describe situations where externally managed certificate authentication is used
• Describe how client security can be provided by Remote Access
• Discuss the Mobile Access Software Blade
• Explain how to determine if the configuration is compliant with the best practices
• Define performance tuning solutions and basic configuration workflow
• Identify supported upgrade and migration methods and procedures for Security Management Servers and dedicated Log and SmartEvent Servers.
• Identify supported upgrade methods and procedures for Security Gateways
Exercises:
• Navigating the Environment and Using the Management API
• Deploying Secondary Security Management Server
• Configuring a Dedicated Log Server
• Deploying SmartEvent
• Configuring a High Availability Security Gateway Cluster
• Working with ClusterXL
• Configuring Dynamic and Updateable Objects
• Verifying Accelerated Policy Installations and Monitoring Status
• Elevating Security with HTTPS Inspection
• Deploying Identity Awareness
• Customizing Threat Prevention
• Configuring a Site-to-Site VPN with an Interoperable Device
• Deploying Remote Access VPN
• Configuring Mobile Access VPN
• Monitoring Policy Compliance
• Reporting SmartEvent Statistics
• Tuning Security Gateway Performance
Instructor: Thomas Norbeck
Thomas Norbeck er uten tvil Norges ledende instruktør på opplæring innen Check Points produkter, og gjennomfører både sertifiseringskurs og bedriftsintern kurs på Check Point versjoner og produkter. Thomas sin nøkkelkompetanse ligger innen Check Point spesielt, men også nettverksteknologi og sikkerhet generelt. I tillegg har han vært involvert i flere IT- og infrastruktur-prosjekter både som teknisk ressurs og som prosjektleder.
I ulike perioder har Thomas jobbet som konsulent parallelt med at han har opparbeidet lang erfaring med utvikling, tilpasning og gjennomføring av skreddersydde kurs for bedrifter innen ulike sektorer. Blant annet har han laget og gjennomført nettverkskurs på fire ulike kontinenter. Thomas Norbeck har 24 års erfaring med nettverk og sikkerhet både som instruktør og konsulent hos bl.a Azlan, A-Team, Ajourit og Curriculum før han begynte i Glasspaper i 2004. Han jobber i dag som Senior konsulent og instruktør for Glasspaper, samt at han er IT sjef og konsulentleder.
Target audience:
Technical professionals who architect, upgrade, maintain and support Check Point products
Prerequisites:
To attend this course you should have:
• Knowledge and experience with Check Point Security administration, equal to the CCSA training course
• Windows Server, UNIX and networking skills and TCP/IP experience
• Certificate management and system adminstration
Language:
• English course materiel, and norwegian speaking instructor
Certification:
This course is recommended preparation for exam 156-315.81.20: Check Point Certified Security Expert (CCSE) R81.20. If you pass this exam (and have passed CCSA previously) you will receive the CCSE certification.