About this Course
Introduction
Course Length: 2 days
Check Point Security Administration NGX II offers advanced training on VPN-1/FireWall-1, and delivers in-depth information on VPN and encryption technologies. This course is designed for Security Administrators and resellers, who require in-depth knowledge of VPN-1/FireWall-1 that goes beyond basic installation, setup, and methodologies.
Audience
This course is designed for Security Administrators and resellers who require in-depth knowledge of VPN-1/Firewall-1 that goes beyond basic installation, setup- and methodologies.
Take this course if:
• You are a systems administrator, security manager, or network engineer implementing VPN-1/FireWall-1 for VPN deployments
• Want to earn Check Point Certified Security Expert NGX certification
The following professionals benefit best from this course
• System Administrators
• Support Analysts
• Network Engineers
Prerequisites
Before taking this course we suggest that you have the following knowledge base:
• Check Point NGX with Application Intellligence – Management I
• Working knowledge of Firewall technologies
• Working knowledge of TCP/IP and Internet communications
• Working knowledge of client/server configurations
• Working knowledge of network technologies including – but not limited to routers, gateways and servers
• Working knowledge of Windows and/or UNIX operating systems, including command-line interfaces.
Course Outline
• Use NGX tools to install NGX on Windows Server 2003 and SecurePlatform
• Use NGX tools to upgrade to NGX, from VPN-1/FireWall-1 NG or VPN-1 NG with Application Intelligence
• Use advanced NGX features to minimize the information-security management burden, when working with objects and rules
• Determine whether Database Revision Control or Policy Package Management is the appropriate solution, given a variety of scenarios
• Identify the features and limitations of Management High Availability
• Use fw monitor to capture and view packets
• Use fw ctl pstat to verify the health of the NGX Security Gateway and SmartCenter Server
• Review VPN-1 debugging and troubleshooting commands, including cpinfo
• Given a variety of Check Point QoS configurations, determine how bandwidth will be allocated
• Identify situations where Low Latency Queueing and Differentiated Services are an appropriate part of a QoS solution
• Configure NGX to allow VoIP traffic to pass through a corporate Security Gateway
• Identify different modes in ClusterXL configuration, and configure ClusterXL VPN
• Configure a Policy Server and SecureClient Rule Base
• Configure route-based VPN and dynamic VPN routing
Exercises
• Installing VPN-1/FireWall-1
• Setting up SecuRemote and SecureClient for remote-access VPNs
• Configuring logical servers for load balancing
• Using content security to enable Java blocking, URL filtering and anti-virus checking
• Configuring two-gateway IKE encryption
Web Design by: 