top of page

Check Point Cyber Security Engineering R8X 
CCSE  Version 2022

CP_ltd_vertical_Pos.png

Résumé

Advanced three-day course teaches how to build, modify, deploy and troubleshoot the R81.10 Check Point Security Systems on the GAiA operating system.

Hands-on lab exercises teach how to debug firewall processes, optimize VPN performance and upgrade Management Servers.

Objectifs pédagogiques

  • Provide an overview of the upgrade service and options available.

  • Explain how to perform management upgrade and migration.

  • Articulate the process using CPUSE features.

  • Articulate the purpose and function of Management High Availability.

  • Explain Primary vs Secondary, Active vs Standby and Synchronization.

  • Explain disaster recovery steps in case the primary management server becomes unavailable.

  • Provide overview of Central Deployment in SmartConsole.

  • Articulate an understanding of Security Gateway cluster upgrade methods.

  • Explain about Multi Version Cluster (MVC) upgrades.

  • Discuss Gaia Commands and how they are used.

  • Explain the main processes on s and s.

  • Describe how to work with scripts and SmartTasks to configure automatic actions.

  • Explain the Management Data Plane Separation (MDPS)

  • Explain kernel operations and traffic flow

  • Articulate Dynamic and Updatable Objects in Security Gateways

  •  Explain the policy installation flow and files used.

  • Describe the use of policy installation history.

  • Explain concurrent and accelerated install policy.

  • Describe an overview of APIs and ways to use and authenticate.

  • Explain how to make changes in GAIA and management configuration.

  • Explain how to install policy using AP

  • Explain how the SecureXL acceleration technology enhances and optimizes Security Gateway performance.

  • Describe how the CoreXL acceleration technology enhances and improves Security Gateway performance.

  • Articulate how utilizing multiple traffic queues can make traffic handling more efficient.

  • Discuss Site-to-Site VPN basics, deployment and communities.

  • Describe how to analyze and interpret VPN tunnel traffic.

  • Explain Link Selection and ISP Redundancy options.

  • Explain tunnel management features.

  • Discuss Check Point Remote Access solutions and how they differ from each other.

  • Describe how client security can be provided by Remote Access .

  • Explain authentication methods including machine authentication.

  • Explain Multiple Entry Point (MEP).

  • Discuss the Mobile Access Software Blade and how it secures communication and data exchange during remote connections.

  • Describe Mobile Access deployment options.

  • Discuss various features in Mobile Access like Portals, Link Translation, running Native Applications, Reverse Proxy and more.

  • Explain basic concepts of Clustering and ClusterXL.

  • Explain about Cluster Control Protocol (CCP) and synchronization.

  • Describe advanced ClusterXL functions and modes like Load Sharing, Active-Active, VMAC mode etc.

  • Discuss Cluster Correction Layer (CCL) to provide connection stickyness.

  • Advanced Logs and Monitoring

  • Explain how to determine if the configuration is compliant with the best practices.

  • Explain how to set action items to meet the compliance.

  • Discuss how SmartEvent functions to identify critical security issues.

  • Describe the components of SmartEvent and their deployment options.

  • Discuss how SmartEvent can assist in reporting security threats.

  • Explain how to customize event definitions and set an Event Policy.

 

Exercises

Prepare for a Security Management Server Upgrade

  • Upgrade the Security Management Server

  • Deploy a Secondary Security Management Server

  • Configure a Distributed Log Server

  • Upgrade a Security Gateway from SmartConsole

  • Work with the Command Line

  • Use Scripts and SmartTasks

  • Configure Dynamic Objects

  • Monitor Traffic

  • Verify Policy Installation and Status

  • Work with Gaia and Management APIs

  • Work with Acceleration Features

  • Configure a Locally Managed Site to Site VPN

  • Configure a Site to Site VPN with an Interoperable Device

  • Configure Remote Access VPN

  • Configure Mobile Access VPN

  • Configure a High Availability Cluster

  • Work with ClusterXL

  • Configure Policy Compliance

  • Deploy SmartEvent

Certificat
CCSE

 

Profil formateur 

 Instructeur certifié par Check Point

Délai d’accès 

Se référer aux dates figurant au planning

Évaluations et sanctions de la formation

  • Quizz intermédiaires 

  • Lab technique en fin de module

  • Évaluation de satisfaction via un questionnaire pré formation, à chaud et à froid

  • Attestation de présence et de formation 

* Formation distanciel possible :

  • de votre entreprise

  • de chez vous

  • de nos locaux à Sophia Antipolis (équipement Cisco Webex Board)

Nos formations sont accessibles aux personnes en situation de handicap.

Un questionnaire envoyé en amont de la formation invite les participants à nous contacter s’ils ont besoins d’aménagements spécifiques en lien avec leur situation de handicap. Nous nous employons à rechercher, avec les personnes concernées, les moyens de compensation qui leur seront adaptés.

Pour en valider l'accès merci de nous contacter contact@formation-IT.org

Durée 

3 jours soit 21 heures

Prix public

2.170 € HT

Dates

à Paris ou distanciel *​ 

  • sur demande

Public concerné

​Cette formation s’adresse aux Ingénieurs, techniciens disposant d’une expérience sur les produit Check Point devant configure de manière avancée les firewalls Check Point.

Pré requis

CCSA Training or Certification, fundamental Unix and Windows knowledge, certificate management experience, system administration and networking knowledge. 

Méthode et Moyens Pédagogiques

Ce cours allie théorie, démonstrations, discussions interactives mais aussi exercices pratiques.
Un support de cours est remis à chaque participant.
Les exercices se basent sur des labs disponible à distance.

 

📌 date confirmée

💻 distanciel

bottom of page