> > > CCSA Detailed outline

Check Point Security Administration (CCSA)

Course Description Kurs tarihleri Course Outline

Detailed Course Outline

  • Describe Check Point's unified approach to network management and its key elements
  • Design a distributed environment
  • Install the Security Gateway in a distributed environment
  • Perform a backup and restore the current Gateway installation from the command line
  • Identify critical files needed to purge (or backup), import and export users and groups, and add (or delete) administrators from the command line
  • Deploy Gateways using the Gaia web interface
  • Create and configure network, host, and gateway objects
  • Verify SIC establishment between the Security Management Server and the Gateway using SmartDashboard
  • Create a basicRule Base in SmartDashboard that includes permissions for administrative users, external services, and LAN outbound use
  • Configure NAT rules on Web and Gateway servers
  • Evaluate existing policies and optimize the rules based on corporate  requirements
  • Maintain the Security Management Server with scheduled backups and policy versions to ensure seamless upgrades with minimal downtime
  • Use Queries in SmartView Tracker to monitor IPS and common network traffic and troubleshoot events using packet data
  • Use packet data to generate reports, troubleshoot system and security issues, and ensure network functionality
  • Using SmartView Monitor, configure alerts and traffic counters, view a Gateway's status, monitor suspicious activity rules, analyze tunnel activity, and monitor remote user access
  • Monitor remote gateways using SmartUpdate to evaluate the need for upgrades, new installations, and license modifications
  • Use SmartUpdate to apply upgrade packages to single or multiple VPN-1Gateways
  • Upgrade and attach product licenses using SmartUpdate
  • Centrally manage users to ensure only authenticated users securely access the corporate network either locally or remotely
  • Manage users to access the corporate LAN by using external databases
  • Use Identity Awareness to provide granula- level access to network resources
  • Acquire user information used by the Security Gateway to control access
  • Define access roles for use in an Identity Awareness rule
  • Implement Identity Awareness in the Firewall Rule Base
  • Configure a pre-shared secret site-to-site VPN with partner sites
  • Configure permanent tunnels for remote access to corporate resources
  • Configure VPN tunnel sharing, given the difference between host-based, subunit-based, and gateway- based tunnels

Labs

  • Distributed Installations
  • Stand-alone Security Gateway Installations
  • Common Tools
  • Building a Security Policy Lab 5: Configure the DMZ
  • Configure NAT
  • Monitor with SmartView Tracker Lab 8: Client Authentication
  • Identity Awareness
  • Site-to-Site VPN between corporate and branch office
 

Cookies help us deliver our services. By using our services, you agree to our use of cookies.   Got it!