Check Point Security Administration NGX III

Rev 1.1
4 days

COURSE DESCRIPTION

Check Point Security Administration NGX III offers comprehensive training to enhance enterprise knowledge of VPN-1 NGX, network planning, route-based VPN, and troubleshooting procedures. Delivery Method
Instructor-Led

Duration

Four days

Course Objectives

Troubleshooting NGX product problems using troubleshooting guidelines

  • Using cpinfo and log files for file management
  • Using protocol analyzers to capture and analyze network traffic
  • Troubleshooting NGX problems using NGX debugging tools
  • Using fw and fw advanced commands for troubleshooting
  • Troubleshooting specific Security Server issues
  • Using VPN log files and vpn debug to troubleshoot VPN connections
  • Capturing traffic flow using ike debug, sr_service debug, and srfw monitor
  • Identifying differences between route- and domain-based VPNs
  • Identifying, debugging, and using relevant commands to troubleshoot Eventia Reporter problems

Prerequisites

Check Point Security Administration NGX I Rev 1.1 and Check Point Security Administration NGX II Rev 1.1 Course Outline

1. General Troubleshooting Methods
Troubleshooting Guidelines
What to Check Before Installing VPN-1 NGX
IP Forwarding and Boot Security
SIC and ICA issues
Network Address Translation
Collecting Data

2. File Management
cpinfo
objects_5_0.C and objects.C
fwauth.NDB
Log Files
Debugging Logging

3. Protocol Analyzers
tcpdump
snoop
fw monitor
Ethreal

4. NGX Debugging Tools
fw ctl debug
Debugging fwd/fwm
Debugging cpd

5. fw Advanced Commands
fw Commands
fw tab Command
fw ctl Commands
Other fw Commands
fw Advanced Commands
fwm Commands

6. Security Servers
The Folding Process
Troubleshooting Security Server Issues
Debugging Security Servers
Trobleshooting Tables

7. VPN Debugging Tools
IKE Basics
Trobleshooting Overview
VPN Debugging Tools
Troubleshooting Tables

8. Troubleshooting and Debugging SecureRemote/SecureClient
Necessary Ports
Packet Flow
Link Selection for Remote Access
SecureRemote/SecureClient Debugging Tools
Enhanced Debugging Tool
Troubleshooting Table

9. Advanced VPN
Route-Based VPN
Domain-Based VPN
VPN Tunnel Interface
Dynamic VPN Routing
Wire Mode
Directional VPN Rule Match
Tunnel Management

10. Cluster XL
Configuration Recommendations
Troubleshooting Cluster XL
Kernel Flags