Price: $4,995

Schedule:  View by City,   View by Class,   View by Date

Course Overview: 
Check Point Security Administration R70 is a foundation course for Check Point's Security Management Systems, Security Gateway Systems, and deployment platforms. This course provides an understanding of basic concepts and skills necessary to configure Check Point Software Blades including Firewall, IPSEC VPN, IPS, Network Policy Management, Logging & Status, and Monitoring, URL Filtering, Antivirus & Anti-malware, Anti-spam & Email Security. During this course, students will configure a Security Policy, secure communications across the Internet, defend against network threats, and learn about managing and monitoring a secure network

Course Duration:  Five Day Course

• Systems administrator, security manager, or network engineer who manages R70 Security Gateway deployments on open servers, IP appliances, UTM-1 appliances, or Power-1 appliances.
• Professionals who want to earn Check Point Certified Security Administrator (CCSA) R70 certification.
• Security Architects
• Systems Engineers
• Post-sale Support Technicians

• Understanding of Windows and/or UNIX operating systems
• Basic networking knowledge
• Experience with TCP/IP and the Internet

Course Objectives:

• Design and install version R70 in a distributed environment
• Perform a backup and restore the current installation.
• Identify critical files
• Deploy Gateways
• Create and configure network, host and gateway objects.
• Verify SIC establishment
• Create a basic Rule Base
• Configure NAT rules
• Evaluate existing policies and optimize rules
• Ensure seamless upgrades and minimal downtime.
• Use queries to monitor IPS and common network traffic and troubleshoot events.
• Generate reports, troubleshoot system and security issues, and ensure network functionality.
• Configure alerts and traffic counters, monitor suspicious activity, analyze tunnel activity and monitor remote user access
• Apply upgrade packages
• Attach product licenses
• Perform a pre-installation compatibility assessment
• Centrally manage users and manage users’ access using external databases.
• Configure a pre-shared secret site-to-site VPN.
• Configure a certificate based site-to-site VPN using an internal CA or a third party CA.
• Configure permanent tunnels for remote access.
• Configure VPN tunnel sharing.
• Configure Check Point Messaging Security to test IP Reputation, content based anti-spam, and zero hour virus detection.
• Configure a Web-filtering and antivirus policy to filter and scan traffic.
• Implement default or customized profiles to designated Gateways.
• Create and install IPS policies.

Course Agenda:

• DAY 1
  • Check Point Technology Overview
  • Check Point Software Blades
  • Deployment Platforms
  • LAB: Distributed Installation
  • LAB: Branch Office Security Gateway Installation
• DAY 2
  • Introduction to the Security Policy
  • Monitoring Traffic and Connections
  • LAB: CLI Tools
  • LAB: Defining Basic Objects and Rules
  • LAB: Configure the DMZ
  • LAB: Configure NAT
  • LAB: Monitoring with SmartView Tracker
• DAY 3
  • Using SmartUpdate
  • Upgrading to R70
  • User Management and Authentication
  • LAB: Using SmartUpdate
  • LAB: Upgrading a Security Gateway Locally
  • LAB: Client Authentication
• DAY 4
  • Encryption and VPNs
  • Introduction to VPNs
  • LAB: Site-to-Site VPN Between Corporate and Branch Office
  • LAB: Two-Gateway IKE Encryption
  • LAB: Remote Access and Office Mode
• DAY 5
  • Messaging and Content Security
  • Check Point IPS
  • LAB: Messaging and Content Security
  • LAB: Implementing IPS