
Corso Check Point CCSE Security Expert
PANORAMICA

Corso di preparazione al conseguimento della
Certificazione Check Point CCSE
Check Point Security Expert (CCSE)
Contattaci ora per ricevere tutti i dettagli e per richiedere, senza alcun impegno, di parlare direttamente con uno dei nostri Esperti CLICCA QUI.
Oppure chiamaci subito al nostro numero verde 800-177596.
OBIETTIVI DEL CORSO
Il Corso Check Point CCSE Security Expert fornisce le competenze e le conoscenze avanzate e approfondite sulle principali soluzioni Check Point. Durante questo corso si affronteranno tecniche chiave per la creazione, l’implementazione e il miglioramento delle prestazioni di rete e funzionalità di gestione e risoluzione dei problemi per mitigare i rischi per la sicurezza. Il percorso è fortemente orientato alla pratica laboratoriale e nel contempo, prepara alla prestigiosa certificazione Check Point Certified Expert (CCSE). La didattica è sviluppata attorno ai seguenti argomenti chiave: High Availability, Security Gateway Operations, Policy Installation, Automation and Orchestration, Site-to-Site and Remote Access VPN, Clustering, Advanced Logs and Monitorin e altro ancora.
CONTENUTI DEL CORSO
Check Point CCSE Security Expert
- Preface: Check Point Certified Security Expert
- Check Point Security Expert Course
- Recommended Knowledge
- Course Chapters and Learning Objectives
- Lab Topology
- Related Certification
- Check Point CheckMates
- Chapter 1: Management Upgrade and Migration
- Upgrading Security Management Servers
- Upgrade I Download Wizard
- Check Point Upgrade Service Engine (CPUSEl
- CPUSE Upgrade Method
- Advanced Upgrade with Database Migration
- lnstatling Hot fixes and Major Version Upgrades
- Chapter 2: Management High Availability
- Management Redundancy
- Troubleshooting Management High Availability
- Chapter 3: Security Gateway Upgrade
- Security Gateway Upgrade
- Package Reposi tory
- Upgrading Security Ga teway Cl usters
- Using the Blink Utility
- Chapter 4: Advanced Check Point Maintenance
- Gaia CLI Commands
- Working with Bash
- Check Point Processes
- Scripts
- Chapter 5: Security Gateway Operations
- Management Data Plane Separation (MD PSI
- Packet Flow
- Mon itoring Traffic Flow
- Dynamic Objects
- Updatable Objects
- Chapter 6: Policy Installation
- Policy Types Layers and Packages
- Policy Installation Flow
- Chapter 7: Gaia and Management APis
- Automation
- Using Gaia and Management APis
- API Access Methods
- Chapter 8: Acceleration
- Introduction
- CoreXL
- Multiple Traffic Queues
- Chapter 9: Site-to-Site VPN
- Introduction to VPN
- Internet Key Exchange liKE
- Site-to-Site VPN
- VPN Communities
- Domain Based VPN
- Access Control for VPN Traffic
- Configuring Site- to-Site VPN
- Exte rnally Managed Certificate Authentication
- Chapter 10: Remote Access VPN
- Introduction to Remote Access VPN
- Authentica tion
- Remote Access Cl ients
- License Requirements
- Client to Gateway Communication Challenges
- Secure Configuration Verification
- Desktop Security
- Multiple Entry Point [MEP) for Remote Access
- SSL Network Extender
- Configuring Remote Access VPN
- Chapter 11: Mobile Access VPN
- Introduction to Mobile Access VPN
- How does Mobile Access VPN work?
- Mobile Access Security Policy
- Configuring Mobile Access
- Mobile Access Applications and Options
- Chapter 12: Clustering
- Introduction to Cluster and ClusterXL
- ClusterXL
- Virtual lP Addresses
- Virtual MAC Addresses [VMAC)
- Cluster Synchronization
- Cluster Failover and Status Commands
- Cluster Traffic Flows
- Cluster Control Protocoi(CCPI)
- Sticky Connections
- Configuring a Secu rity Gateway Cluster
- NAT and Proxy ARP for Clusters
- Chapter 13: Advanced Logs and Monitoring
- Compliance Analysis Feature
- SmartEvent
- Remediating Security Events
- Reporting Security Events
- Event Views and Definitions
- Suspicious Activity Monitoring
Attività Laboratoriali
- Lab: Preparing for a Security Management Server Upgrade
- Lab Steps
- Preparing for the Upg rade
- Verify ing the Upgrade Tools
- Exporting the Management Database
- Verifying the CPUSE Version
- Lab: Upgrading the Security Management Server
- Lab Steps
- Performing a Clean Install using CPUSE
- Runn ing the First Time Configu ration Wizard
- Restoring Fundamental Pa rameters
- Apply Jumbo Hotfix using Clish
- Impor ting the Management Database
- Installing Smart Console
- Testing SIC
- Verifying Objects and Policies
- Lab: Deploying a Secondary Security Management Server
- Installing a Seconda ry Secu rity Management Server
- Verify Synchronization Prerequisites
- Confi guring the Secondary Security Management Server
- Verifying the Synchronization Process
- Configuring the Security Gateway
- Testing the Failover Process
- Restoring the Lab Environment
- Lab: Configuring a Dis tributed Log Se·rver
- Configuring a Distri buted Log Server
- Adding the Log Server
- Lab: Upgrading Security Gateways from SmartConsole
- Upgrading the Security Gateways
- Deploying a Hotfix from the Package Reposi tory
- Lab: Working with the Command Line
- Changing the Expert Mode Authentication Method
- Changing the Gaia Timeouts
- Changing the Clish Prompt
- Adding the ‘ls’ command in Clish
- Reverting the Command Prompt to Default
- Configuring a Secu ri ty Gateway with a Clish Command Scri pt
- Monitoring the System in Clish
- Monitoring the System in Expert Mode
- Lab: Using Scripts and SmartTasks
- Creating a One-Time Script
- Running a Script from the Repository
- Loading a Script from a File
- Configure Smart Tasks to Run a Script
- Lab: Configuring Dynamic Objects
- Creating a Dynamic Object
- Configuring a Dynamic Object on the Gateway
- Using Updatable Objects
- Removing Dynamic and Updateable Object Config uration
- Lab: Monitoring Traffic
- Setting up the Lab
- Capturing the Traffic
- Analyzing the Traffic
- Lab: Verifying Policy Installation and Status
- Making changes and installing policy
- Check installed pol icy files
- Reverting to Last Known Good Policy
- Lab: Working with Gaia and Management APis
- Allowing Access to the Management API
- Adding a Host Object and Rule on the Management Server
- Publishing and Installing Securi ty Pol icy
- Adding a Ro ute with the Gaia API
- Lab: Working with Acceleration Features
- Check Secu reXL status and connections
- Adding a Service that Affects Secure XL
- Viewing SecureXL Data in cpview
- Check CoreXL Status from Cl1sh and cpview
- Lab: Configuring a Locally Managed Site-to-S ite VPN
- Enabling IPSec VPN blade and Setting the VPN Domain Link Selection
- Configuring a Mesh VPN Communi ty
- Testing the VPN
- Lab: Configuring a Site-to-Site VPN with an lnteroperable Device
- Lab Steps
- Creating an lnteroperable Device
- Creating a New Meshed Communi ty
- Configuring the Community and Adding a VPN RUJle
- Test communication
- Lab: Configuring Remote Access VPN
- Enable IPSec VPN
- Configuring VPN Cl ient Parameters
- Configuring the Remote Access VPN Community
- Adding a Remote Access VPN Rule
- Installing the Remote Access Client
- Lab: Configuring Mobile Access VPN
- Enable Mobile Access blade on the Secu rity Gateway object and comple te the wizard
- Configuring Mobile Access on Secur ity Gateway
- Adding a Mobile Access VPN Rule
- Testing Basic Mobile Access
- Adding Native Applications
- Test Native Applications
- Lab: Configuring a High Availability Cluster
- Reconfiguring A-GW
- Configu ring the Security Gateways
- Creating the A-GW-Cluster
- Configuring the A-GW-Cluster Parameters
- Adding Licenses
- Lab: Working with ClusterXL
- Observing Failover Behavior
- Setting the VMAC Mode
- Disabling Synchronization for Specific Traffic
- Mon itoring ClusterXL
- Capture CCP traffic
- Lab: Configuring Policy Compliance
- Verifying and Configuring System Compliance
- Marking Violations and Observing System Alerts
- Checking the Results
- Checking Inactive Objects
- Lab: Deploying SmartEvent
- Verifying that SmartEvent is Enabled
- Configuring Event Policy
- Adding a Custom Event Definition
- Test the Custom Event Report and Reaction
- Customizing a Report
- Scheduling a Report
TIPOLOGIA DEL CORSO
Lezioni frontali Presenza in Aula e Laboratorio;
Lezioni a distanza in Video Presenza Tempo Reale e Laboratorio;
INFRASTRUTTURA LABORATORIALE
Per tutte le tipologie di erogazione, il Corsista può accedere alle attrezzature e ai sistemi reali Check Point presenti nei Nostri laboratori o direttamente presso i data center Check Point in modalità remota h24. Ogni partecipante dispone di un accesso per implementare le varie configurazioni avendo così un riscontro pratico e immediato della teoria affrontata.
Ecco di seguito alcune topologie di rete dei Laboratori Check Point Disponibili:

PREREQUISITI
Aver frequentato il Corso Check Point CCSA o possedere competenze equivalenti.
DURATA E FREQUENZA
Durata Intensiva 3gg;
Varie tipologie di Frequenza Estensiva ed Intensiva.
DOCENTI
I docenti sono Istruttori Ufficiali pluri certificati Check Point e in altre tecnologie IT, con anni di esperienza pratica nel settore e nella Formazione.
MODALITÀ DI ISCRIZIONE
Le iscrizioni sono a numero chiuso per garantire ai tutti i partecipanti un servizio eccellente.
L’iscrizione avviene richiedendo di essere contattati dal seguente Link, o contattando la sede al numero verde 800-177596 o inviando una richiesta all’email [email protected].
CALENDARIO
- Corso Check Point CCSE (Formula Intensiva 3gg) – 20/03/2023 – 9:00 – 17:00