Duration: 3 days
Check Point Security Master is an advanced technical 3-day course which teaches how to use advanced commands to configure and troubleshoot Check Point Security Systems.
Upon completion of this course, students are able to:
- Advanced Database Management
- Kernel Mode and User Mode Troubleshooting
- SmartConsole and Policy Management
- Advanced Network Address Translation
- VPN Troubleshooting
- Troubleshooting Access Control Policies
- Troubleshooting Threat Prevention Policies
- Optimization and Tuning
- Advanced Clustering
- Acceleration Debugging
- Obtain a deeper knowledge of the Security Management Architecture.
- Understand how the Security Management Server uses key processes and debugs.
- Review how objects are represented in the database.
- Understand how GuiDBedit operates.
- Understand how to use fw monitor to capture packets.
- Discuss how to enable and use core dumps when a User mode process crashes.
- Understand how to troubleshoot and debug SmartConsole issues.
- Understand how to troubleshoot and debug NAT issues using Gaia commands.
- Understand Client Side and Server Side NAT.
- Describe how to configure port mapping services.
- Recognize how to debug VPN-related issues.
- Understand how to debug HTTPS Inspection related issues.
- Understand how to troubleshoot and debug Content Awareness issues.
- Understand how to troubleshoot Anti-Bot and Antivirus issues.
- Discuss how to use IPS Bypass to manage performance issues.
- Understand how to configure IPS to reduce false positives.
- Understand how to evaluate hardware configurations for optimal performance.
- Discover additional tools to assist in monitoring CPU utilization.
- Understand how to monitor cluster status and work with critical devices.
- Recognize how to use fwaccel and sim to enable and disable accelerated traffic.
- Understand how to configure CoreXL to enhance Security Gateway performance.
- Understand how to deploy IPv6 in a local environment
Lab Exercises Include:
- Perform Solr database queries and review the results.
- Use debug files to troubleshoot SmartConsole.
- Use debug commands to explore common management issues.
- Demonstrate how to troubleshoot two methods of Automatic NAT.
- Demonstrate how to manually configure NAT.
- Configure port mapping of services as an alternative to performing NAT.
- Use vpn debug tools to identify issues that may have occurred during encryption
- Manipulate IPS settings to enhance performance and reduce false positives.
- Evaluate network security conditions using the Check Point CheckMe tool.
- Use policy settings to improve performance of Security Gateways.
- Tune the Security Policy for improved Security Gateway performance
- Evaluate the Security Gateway cluster conditions by examining the debug files.
- Demonstrate how to manage connections in a clustered environment.
- Demonstrate how to debug Security Management Server synchronization
- Demonstrate how to identify the cause of acceleration related issues.
- Demonstrate how to configure advanced CoreXL settings
- Define and test communication in an IPv6 environment
Prior to taking this course, it is recommended that learners possess the following:
- R80 CCSE or R77 CCSM
- General knowledge of TCP/IP
- Working knowledge of Windows and UNIX
- Working knowledge of network technology
- Working knowledge of Internet technology