CCSM: Check Point Security Master

Networking/Server/Operating Systems
Schedules
Optional
  LearnITAnytime Online Subscription (1 Year Subscription - $195.00)
  IT Online Library (1 Year Subscription - $1595.00)
Quantity
If quantity is more than 1, Please add all Attendees' Names /Voucher #/ Learning Credit below separated with a comma. If not specified, we will contact you prior to the class start date. Special Instructions

Check Point Security Master is an advanced technical 3-day course which teaches how to use advanced commands to configure and troubleshoot Check Point Security Systems.

Upon completion of this course, students are able to:

  • Identify issues and problems using commands
  • Locate the source of encryption failures
  • Identify potentially mis-configured VPNs
  • Reduce IPS false positives
  • Troubleshoot SecureXL and ClusterXL

Course Outline

  • Firewall-1 administration and infrastructure review
  • How policy changes impact chain module behavior
  • Identify management issues and problems with commands
  • Use commands to troubleshoot NAT stages
  • Configure Manual NAT to define specific rules
  • Use commands to review and clear connections table
  • Modify files to allow traffic through a specific cluster member
  • Locate the source of encryption failures using commands
  • Use commands to verify VPN connectivity
  • Identify any potentially mis-configured VPNs
  • Tune NIC performance
  • Increase size and improve hardware performance
  • Improve load capacity
  • Tune the firewall rule base
  • Reduce load on Rule Base application
  • Improve network performance
  • Improve logging efficiency
  • Use IPS Bypass to manage performance
  • Deploy IPv6 in a local envrionment
  • Identify differences between VPNs
  • Configure VPN Tunnel Interface (VTI)
  • Configure Open Shortest Path First (OSPF)

Lab Exercises Include:
  1. Evaluate Chain Modules
  2. Modify Security Policies
  3. Examine how rules and objects affect optimization
  4. Troubleshoot Secure Internal Communication issues
  5. Identify a mis-configured rule
  6. Identify the source of GUI client connectivity problems
  7. Improve load capacity through optimization
  8. Optimize network performance
  9. Configure Manual NAT
  10. Troubleshoot ClusterXL and SecureXL
  11. Configure IPS to reduce false positives
  12. Identify the speed of the system?s CPU
  13. Identify connections in the ClusterXL debug file
  14. Troubleshoot a mis-configured VPN
  15. Identify VPN configuration problems
  16. Identify acceleration status of current connections
  17. Identify the source of an encryption failure

This course is recommended for Systems Administrators, Security Engineers, Network Engineers and CCSEs seeking higher certification. In addition, it is for customers and partners who want to learn the advanced skills to troubleshoot and configure Check Point Security Gateway and Management Software Blades.

  • CCSE
  • General knowledge of TCP/IP
  • Working knowledge of Windows and UNIX
  • Working knowledge of network technology
  • Working knowledge of the Internet

This course prepares learners for CCSM exam #156-115.77, Exam is available at www.vue.com/checkpoint. Exam contains 80 multiple-choice questions. A passing score is 70% in 90 minutes. Students must have a valid CCSE certification before challenging the CCSM exam.