This course is recommended for Security Experts and other technical professionals with prior training and/or practical experience with Check Point Management Servers and Security Gateways that run on the Gaia operating system.

Learn How To

• Use the management API to modify the Security Environment.
• Deploy a Secondary Security Management Server and Distributed Log Server.
• Use advanced techniques to configure dynamic objects, verify accelerated policy installation, and elevate security with HTTPS Inspection.
• Deploy Site-to-Site, Remote Access, and Mobile Access VPN solutions.
• Use SecureXL, CoreXL, Multi-Queue, and HyperFlow to optimize traffic flow through the Security Gateway.

Prerequisites

Before taking this course, the following prerequisites are strongly encouraged:

• Knowledge Base:
  • Working knowledge of :
    • Unix-like and/or Windows operating systems
    • Networking Fundamentals
    • Networking Security
    • CP/IP Networking
• Check Point Training Certification:
  • Check Point Certified Security Administrator (CCSA)

How You Will Benefit

• Implement Check Point Management High Availability to ensure environment stability and integrity.
• Use advanced techniques to manage user access, customize Threat Protection, and configure Remote Access solutions.
• Use tuning techniques to optimize the best Security Gateway performance.

Exam

• Exam #156-315.81.20

Objectives

• Identify basic interfaces used to manage the Check Point environment.
• Identify the types of technologies that Check Point supports for automation.
• Explain the purpose of the Check Management High Availability (HA) deployment.
• Identify the workflow followed to deploy a Primary and solution Secondary servers. 
• Explain the basic concepts of Clustering and ClusterXL, including protocols, synchronization, connection stickyness.
• Identify how to exclude services from synchronizing or delaying synchronization.
• Explain the policy installation flow.
• Explain the purpose of dynamic objects, updatable objects, and network feeds.
• Understand how to manage user access for internal and external users.
• Describe the Identity Awareness components and configurations.
• Describe different Check Point Threat Prevention solutions.
• Articulate how the Intrusion Prevention System is configured.
• Obtain knowledge about Check Point’s IoT Protect.
• Explain the purpose of Domain-based VPNs.
• Describe situations where externally managed certificate authentication is used.
• Describe how client security can be provided by Remote Access.
• Discuss the Mobile Access Software Blade.
• Explain how to determine if the configuration is compliant with the best practices.
• Define performance tuning solutions and basic configuration workflow.
• Identify supported upgrade and migration methods and procedures for Security Management Servers and dedicated Log and SmartEvent Servers.
• •Identify supported upgrade methods and procedures for Security Gateways.

Exercises

• Navigating the Environment and Using the Management API
• Deploying Secondary Security Management Server
• Configuring a Dedicated Log Server
• Deploying SmartEvent
• Configuring a High Availability Security Gateway Cluster
• Working with ClusterXL
• Configuring Dynamic and Updateable Objects
• Verifying Accelerated Policy Installation and Monitoring Status
• Elevating Security with HTTPS Inspection
• Deploying Identity Awareness
• Customizing Threat Prevention
• Configuring a Site-to-Site VPN with an Interoperable Device
• Deploying Remote Access VPN
• Configuring Mobile Access VPN
• Monitoring Policy Compliance
• Reporting SmartEvent Statistics
• Tuning Security Gateway Performance