Check Point Security Administration I NGX (R65)

COURSE DESCRIPTION

Check Point Security Administration I NGX (R65) is a foundation course for Check Point''s flagship product, VPN-1 (NGX R65). This course provides an understanding of basic concepts and skills necessary to configure VPN-1. During this course, students will configure a Security Policy, and learn about managing and monitoring a secure network.

Delivery Method

Instructor-Led

Duration

Three days

Course Objectives

You will learn:

  • How VPN-1 components and Check Point’s three-tier architecture works to secure your network
  • How to perform command-line operations using Check Point’s SecurePlatform operating system
  • How to back up critical files and directories, for availability and timely recovery of Security Gateways and SmartCenter Servers
  • How to create objects and rules and modify a Security Policy’s properties
  • How to use monitoring tools to track, monitor, and account for all connections logged by Check Point components
  • How to configure network-bandwidth requirements and interpret the results
  • How to use Network Address Translation to overcome IP addressing limitations
  • How to verify the identity of users logging in to VPN-1 using authentication schemes
  • How to implement LDAP, and integrate it with a SmartCenter Server
  • How to protect organizations from known network attacks and entire categories of emerging or unknown attacks, using SmartDefense
  • How to configure Web-filtering and antivirus settings on a Gateway to ensure traffic content is inspected for specific conditions.

Prerequisites

Basic networking knowledge, knowledge of Windows Server and/or UNIX, and experience with TCP/IP and the Internet 

Course Outline

  • Installing and configuring the SmartCenter Server
  • Installing SecurePlatform Pro on the Security Gateway
  • Configuring the Security Gateway using the WebUI
  • Configure an interface as your management connection using the sysconfig utility
  • Backing up a current configuration from the command line
  • Create network objects
  • Establish trust between a Gateway and SmartCenter Server
  • Develop a network model using SmartMap
  • Create a Policy Package to configure a Rule Base
  • Enable Static NAT on a network
  • Simulate a malicious network intrusion, and blocking the attack
  • Enforce the Suspicious Activity Rule with SmartView monitor
  • Create user templates and define users
  • Test Client Authentication
  • Configure SmartDirectory using Microsoft Active directory to authenticate users
  • Configure QoS rules to support traffic-priority requirements
  • Configure SmartDefense to detect port scans and successive multiple-connection attempts
  • Configure Web Intelligence to detect a simple worm signature