1. Artigos
  2. IT
  3. Check Point Certified Security Administration (CCSA) R80.x
Lista de Preços Públicos

Check Point Certified Security Administration (CCSA) R80.x

Pedir Cotação/inscrever

21 horas

About the course

This course covers everything you need to start-up, configure and manage daily operations of Check Point Security Gateway and Management Software Blades systems on the GAiA operating system.

ideal for

Technical persons who support, install, deploy, or administer Check Point Software Blades should attend this course. This could include the following:

  • System administrators

  • Support analysts

  • Security managers

  • Network engineers

  • Anyone seeking CCSA certification

Skills to acquire:

  • Be prepared to defend against network threats

  • Evaluate existing security policies and optimize the rule base

  • Manage user access to corporate LANs

  • Monitor suspicious network activities and analyze attacks

  • Troubleshoot network connections

  • Implement Check Point backup techniques

Objectives

  • Install the security gateway in a distributed environment

  • Configure rules on Web and Gateway servers

  • Create a basic rule base in SmartDashboard and assign permissions

  • Schedule backups and seamless upgrades with minimal downtime

  • Monitor and troubleshoot IPS and common network traffic

Prerequisite Knowledge

  • Basic knowledge of networking

  • Working knowledge of Windows, UNIX, network technology, and the Internet

  • 6 months to 1 year of experience with Check Point products recommended

Course Program

  • Install R80.10 management and a security gateway in a distributed environment

  • Configure objects, rules, and settings to define a security policy

  • Work with multiple concurrent administrators and define permission profiles

  • Configure a Virtual Private Network and work with Check Point clustering

  • Perform periodic administrator tasks as specified in administrator job descriptions

  • Check Point’s unified approach to network management and its key elements

  • Design a distributed environment

  • Install the Security Gateway in a distributed environment

  • Perform a backup and restore the current Gateway installation from the command line

  • Identify critical files needed to purge or backup, import and export users and groups, and add or delete administrators from the command line

  • Deploy Gateways using the GAiA web interface

  • Create and configure network, host, and gateway objects

  • Verify SIC establishment between the Security Management Server and the Gateway using SmartDashboard

  • Create a basic Rule Base in SmartDashboard that includes permissions for administrative users, external services, and LAN outbound use

  • Configure NAT rules on Web and Gateway servers

  • Evaluate existing policies and optimize the rules based on current corporate requirements

  • Maintain the Security Management Server with scheduled backups and policy versions to ensure seamless upgrades with minimal downtime

  • Use Queries in SmartView Tracker to monitor IPS and common network traffic and trouble-shoot events using packet data

  • Use packet data to generate reports, trouble-shoot system and security issues, and ensure network functionality

  • Using SmartView Monitor, configure alerts and traffic counters, view a Gateway’s sta-tus, monitor suspicious activity rules, analyze tunnel activity and monitor remote user access

  • Monitor remote Gateways using SmartUpdate to evaluate the need for upgrades, new installations, and license modifications

  • Use SmartUpdate to apply upgrade packages to single or multiple VPN-1 Gateways

  • Upgrade and attach product licenses using SmartUpdate

  • Centrally manage users to ensure only authenticated users securely access the corporate network either locally or remotely

  • Manage users to access the corporate LAN by using external databases

  • Use Identity Awareness to provide granular level access to network resources

  • Acquire user information used by the Security Gateway to control access

  • Define Access Roles for use in an Identity Awareness rule

  • Implement Identity Awareness in the Firewall Rule Base

  • Configure a pre-shared secret site-to-site VPN with partner sites

  • Configure permanent tunnels for remote access to corporate resources

  • Configure VPN tunnel sharing, given the difference between host-based, subunit-based and gateway-based tunnels