Check Point Security Administration R70

COURSE DESCRIPTION

Check Point Security Administration I NGX (R65) is a foundation course for Check Point''s flagship product, VPN-1 (NGX R65). This course provides an understanding of basic concepts and skills necessary to configure VPN-1. During this course, students will configure a Security Policy, and learn about managing and monitoring a secure network.

Delivery Method

Instructor-Led

Duration

Five days

Take this class if

  • You are a systems administrator, security manager, or network engineer who manages R70 Security Gateway deployments on open servers, IP appliances, UTM-1 appliances, or Power-1 appliances.
  • Want to earn Check Point Certified Security Administrator (CCSA) R70 certification

Prerequisites

Basic networking knowledge, knowledge of Windows Server and/or UNIX, and experience with TCP/IP and the Internet

Course Outline

  • Design and install version R70 in a distributed environment
  • Perform a backup and restore the current installation.
  • Identify critical files
  • Deploy Gateways
  • Create and configure network, host and gateway objects.
  • Verify SIC establishment
  • Create a basic Rule Base
  • Configure NAT rules
  • Evaluate existing policies and optimize rules
  • Ensure seamless upgrades and minimal downtime.
  • Use queries to monitor IPS and common network traffic and troubleshoot events.
  • Generate reports, troubleshoot system and security issues, and ensure network functionality.
  • Configure alerts and traffic counters, monitor suspicious activity, analyze tunnel activity and monitor remote user access
  • Apply upgrade packages
  • Attach product licenses
  • Perform a pre-installation compatibility assessment
  • Centrally manage users and manage users’ access using external databases.
  • Configure a pre-shared secret site-to-site VPN.
  • Configure a certificate based site-to-site VPN using an internal CA or a third party CA.
  • Configure permanent tunnels for remote access.
  • Configure VPN tunnel sharing.
  • Configure Check Point Messaging Security to test IP Reputation, content based anti-spam, and zero hour virus detection.
  • Configure a Web-filtering and antivirus policy to filter and scan traffic.
  • Implement default or customized profiles to designated Gateways.
  • Create and install IPS policies.