
Corso Check Point Cybersecurity Boot Camp CCSA & CCSE
PANORAMICA

Corso di preparazione al conseguimento della
Contattaci ora per ricevere tutti i dettagli e per richiedere, senza alcun impegno, di parlare direttamente con uno dei nostri Esperti CLICCA QUI.
Oppure chiamaci subito al nostro numero verde 800-177596.
OBIETTIVI DEL CORSO
Advanced course teaches how to build, modify, deploy and troubleshoot Check Point Security Systems on the GAiA operating system. Hands-on lab exercises teach h ow to debug firewall processes, optimize VPN performance and upgrade Management Servers. Validate and enhance your skills and optimally manage Check Point advanced security management systems. Five-day course covers everything you need to start-up, configure and manage daily operations of Check Point Security Gateway and Management Software Blades systems on the GAiA operating system. This course it’s for Technical professionals and expert who support, administer or perform advanced deployment configurations of Check Point products.
CONTENUTI DEL CORSO
Check Point Cybersecurity Boot Camp CCSA & CCSE
- Preface: Check Point Certified Security Administrator
- Introduction to Check Point
- The Role of the Securi ty Administrator
- Chapters & Learning Objectives
- Lab Topology
- Certification
- Check Point CheckMates
- Chapter 1: Introduction to Check Point Technology
- Check Point Security Architecture
- Controlling Network Traffic
- Applying the Content Security Pol icy
- Chapter 2: Introduction to Check Point Deployment
- Check Point Deployment Options
- Deployment Considerations
- Introduction to Gaia Operating System
- Chapter 3: Check Point Security Management Operations
- Network Communication
- The SmartConsole
- SmartConsole Applications
- Administration
- Chapter 4: Check Point Licensing
- Licensing Overview
- SmartUpdate
- Managing Licenses
- Chapter 5: Security Policy Management
- Introduction to the Security Policy
- The Rule Base
- Global Properties
- Publishing Policy
- Policy Packages
- Install Policy
- Chapter 6: Policy Layers
- Policy Layer Concept
- Layers
- Chapter 7: Application Control & URL Filtering
- Application Control & URL Filtering
- Overview of Application Con trol
- URL Filtering
- Configuring App Control & URL Filtering
- Chapter 8: User Access Management
- Overview of User Management
- Methods for Acquiring Identities
- Identity Sharing
- Distinguished Name
- Using Multiple LDAP Servers
- Retrieving Information from a User Directory Server
- Managing Users on a User Directory Server
- Chapter 9: Network Address Translation
- Understanding Network Address Translat ion
- Manual and Automatic NAT
- Chapter 10: Traffic Visibility
- Using SmartConsole
- Analyzing Logs
- Chapter 11: Monitoring System States
- Mon itoring Traffic and Connections
- Chapter 12: Threat Prevention
- Threat Prevention
- Autonomous Threat Prevention
- Intrusion Prevention System
- Anti-Malware
- Threat Emulation & Threat Extraction
- Internet of Things Protections
- Preface: Check Point Certified Security Expert
- Check Point Security Expert Course
- Recommended Knowledge
- Course Chapters and Learning Objectives
- Lab Topology
- Related Certification
- Check Point CheckMates
- Chapter 1: Management Upgrade and Migration
- Upgrading Security Management Servers
- Upgrade I Download Wizard
- Check Point Upgrade Service Engine (CPUSEl
- CPUSE Upgrade Method
- Advanced Upgrade with Database Migration
- lnstatling Hot fixes and Major Version Upgrades
- Chapter 2: Management High Availability
- Management Redundancy
- Troubleshooting Management High Availability
- Chapter 3: Security Gateway Upgrade
- Security Gateway Upgrade
- Package Reposi tory
- Upgrading Security Ga teway Cl usters
- Using the Blink Utility
- Chapter 4: Advanced Check Point Maintenance
- Gaia CLI Commands
- Working with Bash
- Check Point Processes
- Scripts
- Chapter 5: Security Gateway Operations
- Management Data Plane Separation (MD PSI
- Packet Flow
- Mon itoring Traffic Flow
- Dynamic Objects
- Updatable Objects
- Chapter 6: Policy Installation
- Policy Types Layers and Packages
- Policy Installation Flow
- Chapter 7: Gaia and Management APis
- Automation
- Using Gaia and Management APis
- API Access Methods
- Chapter 8: Acceleration
- Introduction
- CoreXL
- Multiple Traffic Queues
- Chapter 9: Site-to-Site VPN
- Introduction to VPN
- Internet Key Exchange liKE
- Site-to-Site VPN
- VPN Communities
- Domain Based VPN
- Access Control for VPN Traffic
- Configuring Site- to-Site VPN
- Exte rnally Managed Certificate Authentication
- Chapter 10: Remote Access VPN
- Introduction to Remote Access VPN
- Authentica tion
- Remote Access Cl ients
- License Requirements
- Client to Gateway Communication Challenges
- Secure Configuration Verification
- Desktop Security
- Multiple Entry Point [MEP) for Remote Access
- SSL Network Extender
- Configuring Remote Access VPN
- Chapter 11: Mobile Access VPN
- Introduction to Mobile Access VPN
- How does Mobile Access VPN work?
- Mobile Access Security Policy
- Configuring Mobile Access
- Mobile Access Applications and Options
- Chapter 12: Clustering
- Introduction to Cluster and ClusterXL
- ClusterXL
- Virtual lP Addresses
- Virtual MAC Addresses [VMAC)
- Cluster Synchronization
- Cluster Failover and Status Commands
- Cluster Traffic Flows
- Cluster Control Protocoi(CCPI)
- Sticky Connections
- Configuring a Secu rity Gateway Cluster
- NAT and Proxy ARP for Clusters
- Chapter 13: Advanced Logs and Monitoring
- Compliance Analysis Feature
- SmartEvent
- Remediating Security Events
- Reporting Security Events
- Event Views and Definitions
- Suspicious Activity Monitoring
Attività Laboratoriali
- Lab: Installation of the Primary Security Management Server
- Installing the Gaia Operati ng system
- Installing the Security Management Server Software:
- Installing SmartConsole
- Lab: Configuration of a Security Gateway
- Poweri ng on the Security Gateway
- Configu ring the Security Gateway
- Lab : Establishing Secure Internal Communication
- Creat ing Gateway Objects in SmartConsole
- Testing SIC status to the Gateway
- Lab: Managing User Access
- Creat ing New Administrators and Assigning Profi les
- Testing Administrator Profile Assignments
- Managing Co ncurrent Administrator Sessions
- Taking Over an Administrator Session
- Lab: Managing Licenses
- Verifying the status of existing l icenses in SmartConsole
- Attaching a license using SmartConsole
- Generating a license report
- Lab: Creating the Alpha Standard security policy
- Creating Policy Objec ts
- Creating a Standard Security Policy
- Installing the Standard Security Policy
- Testing the Standard Security Policy
- Lab: Creating the Bravo Security Policy
- Establishing SIC to B-GW
- Adding a license to B-GW
- Enable security zones on B-GW
- Create B-GW Security Zones Policy
- Test Internet connectivity
- Lab: Configuring Order Layers
- Add Two New Order Layers to be Shared
- Configure the new ordered layers rules
- Use the Shared Layer on Bravo Policy
- Testing the Shared APPI+URL Layer on Bravo Gatteway
- Testing the Shared Data_ Control Layer on Bravo Gateway
- Lab: Configuring a Shared lnline Layer
- Create A Shared DMZ layer
- Sharing the In line DMZ layer with Bravo-policy
- Testing the Shared lnline DMZ Layer
- Lab: Configuring a Unified Policy
- Create a Unified Policy Layer
- Update the Appi+URL Layer
- Create a Unified Policy
- Lab: Configuring HTIPS Inspection Policy
- Enable HTTPS Inspect ion
- Create a HTIPS Inspection rule
- Deploy the Security Gateway Cert ificate
- Test Unified-Policy with HTTPS Inspection
- Lab: Configuring Identity Awareness
- Configu ring the Security Policy for Identity Aware ne ss
- Define the User Access role
- Test Identity Awareness Connection
- Lab: Configuring Network Address Translation
- Configure Automa tic NAT on network objects
- Configure manual Static NAT r ules
- Configure Manual Proxy Arp
- Test the Automatic Hide NAT configuration
- Test the Manual Static NAT Config uration
- Lab: Generate and View Traffic
- Configure Log Management on the Security Management Server
- Viewing live logs and performing searches to gather historic data
- Lab: Monitoring System States
- Enable the Monitoring Blade
- Mon itor status with Smar tView Monitor
- Configure Alerts in Smart View Monitor
- Configure Suspicious Activity Rules
- Lab: Configure Threat Prevention
- Enable Autonomous Threat Prevention
- Test Anti-Virus Threat Prevention
- Lab Steps
- Preparing for the Upg rade
- Verify ing the Upgrade Tools
- Exporting the Management Database
- Verifying the CPUSE Version
- Lab: Upgrading the Security Management Server
- Lab Steps
- Performing a Clean Install using CPUSE
- Runn ing the First Time Configu ration Wizard
- Restoring Fundamental Pa rameters
- Apply Jumbo Hotfix using Clish
- Impor ting the Management Database
- Installing Smart Console
- Testing SIC
- Verifying Objects and Policies
- Lab: Deploying a Secondary Security Management Server
- Installing a Seconda ry Secu rity Management Server
- Verify Synchronization Prerequisites
- Confi guring the Secondary Security Management Server
- Verifying the Synchronization Process
- Configuring the Security Gateway
- Testing the Failover Process
- Restoring the Lab Environment
- Lab: Configuring a Dis tributed Log Se·rver
- Configuring a Distri buted Log Server
- Adding the Log Server
- Lab: Upgrading Security Gateways from SmartConsole
- Upgrading the Security Gateways
- Deploying a Hotfix from the Package Reposi tory
- Lab: Working with the Command Line
- Changing the Expert Mode Authentication Method
- Changing the Gaia Timeouts
- Changing the Clish Prompt
- Adding the ‘ls’ command in Clish
- Reverting the Command Prompt to Default
- Configuring a Secu ri ty Gateway with a Clish Command Scri pt
- Monitoring the System in Clish
- Monitoring the System in Expert Mode
- Lab: Using Scripts and SmartTasks
- Creating a One-Time Script
- Running a Script from the Repository
- Loading a Script from a File
- Configure Smart Tasks to Run a Script
- Lab: Configuring Dynamic Objects
- Creating a Dynamic Object
- Configuring a Dynamic Object on the Gateway
- Using Updatable Objects
- Removing Dynamic and Updateable Object Config uration
- Lab: Monitoring Traffic
- Setting up the Lab
- Capturing the Traffic
- Analyzing the Traffic
- Lab: Verifying Policy Installation and Status
- Making changes and installing policy
- Check installed pol icy files
- Reverting to Last Known Good Policy
- Lab: Working with Gaia and Management APis
- Allowing Access to the Management API
- Adding a Host Object and Rule on the Management Server
- Publishing and Installing Securi ty Pol icy
- Adding a Ro ute with the Gaia API
- Lab: Working with Acceleration Features
- Check Secu reXL status and connections
- Adding a Service that Affects Secure XL
- Viewing SecureXL Data in cpview
- Check CoreXL Status from Cl1sh and cpview
- Lab: Configuring a Locally Managed Site-to-S ite VPN
- Enabling IPSec VPN blade and Setting the VPN Domain Link Selection
- Configuring a Mesh VPN Communi ty
- Testing the VPN
- Lab: Configuring a Site-to-Site VPN with an lnteroperable Device
- Lab Steps
- Creating an lnteroperable Device
- Creating a New Meshed Communi ty
- Configuring the Community and Adding a VPN RUJle
- Test communication
- Lab: Configuring Remote Access VPN
- Enable IPSec VPN
- Configuring VPN Cl ient Parameters
- Configuring the Remote Access VPN Community
- Adding a Remote Access VPN Rule
- Installing the Remote Access Client
- Lab: Configuring Mobile Access VPN
- Enable Mobile Access blade on the Secu rity Gateway object and comple te the wizard
- Configuring Mobile Access on Secur ity Gateway
- Adding a Mobile Access VPN Rule
- Testing Basic Mobile Access
- Adding Native Applications
- Test Native Applications
- Lab: Configuring a High Availability Cluster
- Reconfiguring A-GW
- Configu ring the Security Gateways
- Creating the A-GW-Cluster
- Configuring the A-GW-Cluster Parameters
- Adding Licenses
- Lab: Working with ClusterXL
- Observing Failover Behavior
- Setting the VMAC Mode
- Disabling Synchronization for Specific Traffic
- Mon itoring ClusterXL
- Capture CCP traffic
- Lab: Configuring Policy Compliance
- Verifying and Configuring System Compliance
- Marking Violations and Observing System Alerts
- Checking the Results
- Checking Inactive Objects
- Lab: Deploying SmartEvent
- Verifying that SmartEvent is Enabled
- Configuring Event Policy
- Adding a Custom Event Definition
- Test the Custom Event Report and Reaction
- Customizing a Report
- Scheduling a Report
TIPOLOGIA DEL CORSO
Corso di Formazione con Docente;
INFRASTRUTTURA LABORATORIALE
Per tutte le tipologie di erogazione, il Corsista può accedere alle attrezzature e ai sistemi reali Check Point presenti nei Nostri laboratori o direttamente presso i data center Check Point in modalità remota h24. Ogni partecipante dispone di un accesso per implementare le varie configurazioni avendo così un riscontro pratico e immediato della teoria affrontata.
Ecco di seguito alcune topologie di rete dei Laboratori Check Point Disponibili:

PREREQUISITI
I partecipanti dovranno avere una conoscenza basilare dei fondamenti del Networking e della sistemi Windows/Linux.
DURATA E FREQUENZA
Durata Intensiva 5gg;
Varie tipologie di Frequenza Estensiva ed Intensiva.
DOCENTI
I docenti sono Istruttori Ufficiali pluri certificati Check Point e in altre tecnologie IT, con anni di esperienza pratica nel settore e nella Formazione.
MODALITÀ DI ISCRIZIONE
Le iscrizioni sono a numero chiuso per garantire ai tutti i partecipanti un servizio eccellente.
L’iscrizione avviene richiedendo di essere contattati dal seguente Link, o contattando la sede al numero verde 800-177596 o inviando una richiesta all’email [email protected].
CALENDARIO
- Corso Check Point Cybersecurity Boot Camp CCSA & CCSE (Formula Intensiva 5gg) – 20/03/2023 – 9:00 – 17:00