Corsi e Certificazione Check Point, CCSA, CCSE, CCSM, Check Point Certified Admin Check Point Certified Expert Check Point Certified Security Master

Corso Check Point Cybersecurity Boot Camp CCSA & CCSE

Panoramica Obiettivi Contenuti
Tipologia Prerequisiti Durata e Frequenza
Docenti Modalità di Iscrizione Calendario

PANORAMICA

Corso di preparazione al conseguimento della

Agevolazioni per Disoccupati Inoccupati e lavoratori a Termine

Contattaci ora per ricevere tutti i dettagli e per richiedere, senza alcun impegno, di parlare direttamente con uno dei nostri Esperti CLICCA QUI.
Oppure chiamaci subito al nostro numero verde 800-177596.

OBIETTIVI DEL CORSO

Advanced course teaches how to build, modify, deploy and troubleshoot Check Point Security Systems on the GAiA operating system. Hands-on lab exercises teach h ow to debug firewall processes, optimize VPN performance and upgrade Management Servers. Validate and enhance your skills and optimally manage Check Point advanced security management systems. Five-day course covers everything you need to start-up, configure and manage daily operations of Check Point Security Gateway and Management Software Blades systems on the GAiA operating system. This course it’s for Technical professionals and expert who support, administer or perform advanced deployment configurations of Check Point products.

CONTENUTI DEL CORSO

Check Point Cybersecurity Boot Camp CCSA & CCSE

Preface: Check Point Certified Security Administrator
Introduction to Check Point
The Role of the Securi ty Administrator
Chapters & Learning Objectives
Lab Topology
Certification
Check Point CheckMates
Chapter 1: Introduction to Check Point Technology
Check Point Security Architecture
Controlling Network Traffic
Applying the Content Security Pol icy
Chapter 2: Introduction to Check Point Deployment
Check Point Deployment Options
Deployment Considerations
Introduction to Gaia Operating System
Chapter 3: Check Point Security Management Operations
Network Communication
The SmartConsole
SmartConsole Applications
Administration
Chapter 4: Check Point Licensing
Licensing Overview
SmartUpdate
Managing Licenses
Chapter 5: Security Policy Management
Introduction to the Security Policy
The Rule Base
Global Properties
Publishing Policy
Policy Packages
Install Policy
Chapter 6: Policy Layers
Policy Layer Concept
Layers
Chapter 7: Application Control & URL Filtering
Application Control & URL Filtering
Overview of Application Con trol
URL Filtering
Configuring App Control & URL Filtering
Chapter 8: User Access Management
Overview of User Management
Methods for Acquiring Identities
Identity Sharing
Distinguished Name
Using Multiple LDAP Servers
Retrieving Information from a User Directory Server
Managing Users on a User Directory Server
Chapter 9: Network Address Translation
Understanding Network Address Translat ion
Manual and Automatic NAT
Chapter 10: Traffic Visibility
Using SmartConsole
Analyzing Logs
Chapter 11: Monitoring System States
Mon itoring Traffic and Connections
Chapter 12: Threat Prevention
Threat Prevention
Autonomous Threat Prevention
Intrusion Prevention System
Anti-Malware
Threat Emulation & Threat Extraction
Internet of Things Protections
Preface: Check Point Certified Security Expert
Check Point Security Expert Course
Recommended Knowledge
Course Chapters and Learning Objectives
Lab Topology
Related Certification
Check Point CheckMates
Chapter 1: Management Upgrade and Migration
Upgrading Security Management Servers
Upgrade I Download Wizard
Check Point Upgrade Service Engine (CPUSEl
CPUSE Upgrade Method
Advanced Upgrade with Database Migration
lnstatling Hot fixes and Major Version Upgrades
Chapter 2: Management High Availability
Management Redundancy
Troubleshooting Management High Availability
Chapter 3: Security Gateway Upgrade
Security Gateway Upgrade
Package Reposi tory
Upgrading Security Ga teway Cl usters
Using the Blink Utility
Chapter 4: Advanced Check Point Maintenance
Gaia CLI Commands
Working with Bash
Check Point Processes
Scripts
Chapter 5: Security Gateway Operations
Management Data Plane Separation (MD PSI
Packet Flow
Mon itoring Traffic Flow
Dynamic Objects
Updatable Objects
Chapter 6: Policy Installation
Policy Types Layers and Packages
Policy Installation Flow
Chapter 7: Gaia and Management APis
Automation
Using Gaia and Management APis
API Access Methods
Chapter 8: Acceleration
Introduction
CoreXL
Multiple Traffic Queues
Chapter 9: Site-to-Site VPN
Introduction to VPN
Internet Key Exchange liKE
Site-to-Site VPN
VPN Communities
Domain Based VPN
Access Control for VPN Traffic
Configuring Site- to-Site VPN
Exte rnally Managed Certificate Authentication
Chapter 10: Remote Access VPN
Introduction to Remote Access VPN
Authentica tion
Remote Access Cl ients
License Requirements
Client to Gateway Communication Challenges
Secure Configuration Verification
Desktop Security
Multiple Entry Point [MEP) for Remote Access
SSL Network Extender
Configuring Remote Access VPN
Chapter 11: Mobile Access VPN
Introduction to Mobile Access VPN
How does Mobile Access VPN work?
Mobile Access Security Policy
Configuring Mobile Access
Mobile Access Applications and Options
Chapter 12: Clustering
Introduction to Cluster and ClusterXL
ClusterXL
Virtual lP Addresses
Virtual MAC Addresses [VMAC)
Cluster Synchronization
Cluster Failover and Status Commands
Cluster Traffic Flows
Cluster Control Protocoi(CCPI)
Sticky Connections
Configuring a Secu rity Gateway Cluster
NAT and Proxy ARP for Clusters
Chapter 13: Advanced Logs and Monitoring
Compliance Analysis Feature
SmartEvent
Remediating Security Events
Reporting Security Events
Event Views and Definitions
Suspicious Activity Monitoring

Attività Laboratoriali

Lab: Installation of the Primary Security Management Server
Installing the Gaia Operati ng system
Installing the Security Management Server Software:
Installing SmartConsole
Lab: Configuration of a Security Gateway
Poweri ng on the Security Gateway
Configu ring the Security Gateway
Lab : Establishing Secure Internal Communication
Creat ing Gateway Objects in SmartConsole
Testing SIC status to the Gateway
Lab: Managing User Access
Creat ing New Administrators and Assigning Profi les
Testing Administrator Profile Assignments
Managing Co ncurrent Administrator Sessions
Taking Over an Administrator Session
Lab: Managing Licenses
Verifying the status of existing l icenses in SmartConsole
Attaching a license using SmartConsole
Generating a license report
Lab: Creating the Alpha Standard security policy
Creating Policy Objec ts
Creating a Standard Security Policy
Installing the Standard Security Policy
Testing the Standard Security Policy
Lab: Creating the Bravo Security Policy
Establishing SIC to B-GW
Adding a license to B-GW
Enable security zones on B-GW
Create B-GW Security Zones Policy
Test Internet connectivity
Lab: Configuring Order Layers
Add Two New Order Layers to be Shared
Configure the new ordered layers rules
Use the Shared Layer on Bravo Policy
Testing the Shared APPI+URL Layer on Bravo Gatteway
Testing the Shared Data_ Control Layer on Bravo Gateway
Lab: Configuring a Shared lnline Layer
Create A Shared DMZ layer
Sharing the In line DMZ layer with Bravo-policy
Testing the Shared lnline DMZ Layer
Lab: Configuring a Unified Policy
Create a Unified Policy Layer
Update the Appi+URL Layer
Create a Unified Policy
Lab: Configuring HTIPS Inspection Policy
Enable HTTPS Inspect ion
Create a HTIPS Inspection rule
Deploy the Security Gateway Cert ificate
Test Unified-Policy with HTTPS Inspection
Lab: Configuring Identity Awareness
Configu ring the Security Policy for Identity Aware ne ss
Define the User Access role
Test Identity Awareness Connection
Lab: Configuring Network Address Translation
Configure Automa tic NAT on network objects
Configure manual Static NAT r ules
Configure Manual Proxy Arp
Test the Automatic Hide NAT configuration
Test the Manual Static NAT Config uration
Lab: Generate and View Traffic
Configure Log Management on the Security Management Server
Viewing live logs and performing searches to gather historic data
Lab: Monitoring System States
Enable the Monitoring Blade
Mon itor status with Smar tView Monitor
Configure Alerts in Smart View Monitor
Configure Suspicious Activity Rules
Lab: Configure Threat Prevention
Enable Autonomous Threat Prevention
Test Anti-Virus Threat Prevention
Lab Steps
Preparing for the Upg rade
Verify ing the Upgrade Tools
Exporting the Management Database
Verifying the CPUSE Version
Lab: Upgrading the Security Management Server
Lab Steps
Performing a Clean Install using CPUSE
Runn ing the First Time Configu ration Wizard
Restoring Fundamental Pa rameters
Apply Jumbo Hotfix using Clish
Impor ting the Management Database
Installing Smart Console
Testing SIC
Verifying Objects and Policies
Lab: Deploying a Secondary Security Management Server
Installing a Seconda ry Secu rity Management Server
Verify Synchronization Prerequisites
Confi guring the Secondary Security Management Server
Verifying the Synchronization Process
Configuring the Security Gateway
Testing the Failover Process
Restoring the Lab Environment
Lab: Configuring a Dis tributed Log Se·rver
Configuring a Distri buted Log Server
Adding the Log Server
Lab: Upgrading Security Gateways from SmartConsole
Upgrading the Security Gateways
Deploying a Hotfix from the Package Reposi tory
Lab: Working with the Command Line
Changing the Expert Mode Authentication Method
Changing the Gaia Timeouts
Changing the Clish Prompt
Adding the ‘ls’ command in Clish
Reverting the Command Prompt to Default
Configuring a Secu ri ty Gateway with a Clish Command Scri pt
Monitoring the System in Clish
Monitoring the System in Expert Mode
Lab: Using Scripts and SmartTasks
Creating a One-Time Script
Running a Script from the Repository
Loading a Script from a File
Configure Smart Tasks to Run a Script
Lab: Configuring Dynamic Objects
Creating a Dynamic Object
Configuring a Dynamic Object on the Gateway
Using Updatable Objects
Removing Dynamic and Updateable Object Config uration
Lab: Monitoring Traffic
Setting up the Lab
Capturing the Traffic
Analyzing the Traffic
Lab: Verifying Policy Installation and Status
Making changes and installing policy
Check installed pol icy files
Reverting to Last Known Good Policy
Lab: Working with Gaia and Management APis
Allowing Access to the Management API
Adding a Host Object and Rule on the Management Server
Publishing and Installing Securi ty Pol icy
Adding a Ro ute with the Gaia API
Lab: Working with Acceleration Features
Check Secu reXL status and connections
Adding a Service that Affects Secure XL
Viewing SecureXL Data in cpview
Check CoreXL Status from Cl1sh and cpview
Lab: Configuring a Locally Managed Site-to-S ite VPN
Enabling IPSec VPN blade and Setting the VPN Domain Link Selection
Configuring a Mesh VPN Communi ty
Testing the VPN
Lab: Configuring a Site-to-Site VPN with an lnteroperable Device
Lab Steps
Creating an lnteroperable Device
Creating a New Meshed Communi ty
Configuring the Community and Adding a VPN RUJle
Test communication
Lab: Configuring Remote Access VPN
Enable IPSec VPN
Configuring VPN Cl ient Parameters
Configuring the Remote Access VPN Community
Adding a Remote Access VPN Rule
Installing the Remote Access Client
Lab: Configuring Mobile Access VPN
Enable Mobile Access blade on the Secu rity Gateway object and comple te the wizard
Configuring Mobile Access on Secur ity Gateway
Adding a Mobile Access VPN Rule
Testing Basic Mobile Access
Adding Native Applications
Test Native Applications
Lab: Configuring a High Availability Cluster
Reconfiguring A-GW
Configu ring the Security Gateways
Creating the A-GW-Cluster
Configuring the A-GW-Cluster Parameters
Adding Licenses
Lab: Working with ClusterXL
Observing Failover Behavior
Setting the VMAC Mode
Disabling Synchronization for Specific Traffic
Mon itoring ClusterXL
Capture CCP traffic
Lab: Configuring Policy Compliance
Verifying and Configuring System Compliance
Marking Violations and Observing System Alerts
Checking the Results
Checking Inactive Objects
Lab: Deploying SmartEvent
Verifying that SmartEvent is Enabled
Configuring Event Policy
Adding a Custom Event Definition
Test the Custom Event Report and Reaction
Customizing a Report
Scheduling a Report

TIPOLOGIA DEL CORSO

Corso di Formazione con Docente;

INFRASTRUTTURA LABORATORIALE

Per tutte le tipologie di erogazione, il Corsista può accedere alle attrezzature e ai sistemi reali Check Point presenti nei Nostri laboratori o direttamente presso i data center Check Point in modalità remota h24. Ogni partecipante dispone di un accesso per implementare le varie configurazioni avendo così un riscontro pratico e immediato della teoria affrontata.
Ecco di seguito alcune topologie di rete dei Laboratori Check Point Disponibili:

PREREQUISITI

I partecipanti dovranno avere una conoscenza basilare dei fondamenti del Networking e della sistemi Windows/Linux.

DURATA E FREQUENZA

Durata Intensiva 5gg;
Varie tipologie di Frequenza Estensiva ed Intensiva.

DOCENTI

I docenti sono Istruttori Ufficiali pluri certificati Check Point e in altre tecnologie IT, con anni di esperienza pratica nel settore e nella Formazione.

MODALITÀ DI ISCRIZIONE

Le iscrizioni sono a numero chiuso per garantire ai tutti i partecipanti un servizio eccellente.
L’iscrizione avviene richiedendo di essere contattati dal seguente Link, o contattando la sede al numero verde 800-177596 o inviando una richiesta all’email [email protected].