Overview

This online instructor-led training course provides the basic concepts and skills necessary to configure Check Point Security Gateway and Management Software Blades.

In this course students will learn how to configure a security policy and learn about managing and monitoring a secure network, upgrading and configuring a security gateway, and implementing a virtual private network (VPN), and more! This course provides the underlying material required to prepare candidates for the CCSA R80 certification exam.

Exam #156-215.80: Check Point Certified Security Administrator R80

Course Instructor: Faisal Khan

Course Outline

01. Next Generation Firewalls

  • The difference between packet filtering, and everything else, App Control URL Filtering, AV, AB, VPN, HTTPS Inspection, etc.
  • Deep Packet Inspection (DPI)

02. In-line versus Host-based Firewalls

  • The purpose of this module is to discuss in-line appliances, CP does have AEP that leverages a host-based firewall, but there is a whole other solution segment dedicated to host-based firewalling, Guardicore, Illumio, etc

03. CP is based on a centrally managed architecture

  • 3-tiered architecture – SmartConsole, Security Management & Security Gateway
  • Security management Server (SMS)
  • Gateways
  • 3 deployment modes – Standalone (SMS and Gateway on same appliance), Distributed (different appliances) and Bridge (insert another gateway within the same subnet)

04. Configuration

  • SmartConsole
  • Application that manages the architecture centrally
  • Blade activation, blade is what Check Point calls their features
  • SIC
  • Clustering
  • Global parameters and rules
  • NATing policies
  • Policy rulebase for each blade
  • Web User Interface (WebUI)
  • Network Interfaces
  • ARP config
  • System Time, Logging
  • Advanced Routing
  • User Management
  • Backup & Restore
  • CPUSE
  • Command Line Interface (CLI)
  • Another channel to set configuration, and also use valuable tools, tools that are not available in the WebUI
  • Tcpdump, FW Monitor, Zdebug, will have own sections

05. SMS-Gateway Communication

  • Secure Internal Communication (SIC)
  • Comm Channel between SMS and Gateway
  • Policy installation
  • Logs
  • Internal Certificate Authority – ICA, issues certificates for the following services: SIC, VPN, Users

06. Configuration and Commands

  • Local Configuration
  • WebUI
  1. Overview – Widgets
  • System Uptime, Traffic stats, Blade stats, Db Update status, Network Link status
  • Basic and Advanced view
  • Network Interface config
  • ARP
  • DHCP Server
  • Host and DNS
  • IPv4 Static Routes
  • NetFlow Export
  • System Management
  • Time
  • SNMP
  • Messages (Banners)
  • Advanced Routing
  • DHCP Relay
  • BGP
  • IGMP
  • RIP
  • OSPF
  • Route Aggregation
  • Route Redistribution
  • User Management
  • Change My Password
  • Users
  • Roles
  • Password Policy
  • High Availability
  • VRRP (and Advanced VRRP)
  • Maintenance
  • License Status
  • Snapshot Management
  • System Backup
  • Upgrades (CPUSE)
  • Status and Actions
  • Software Updates Policy
  • CLI – Accessed via a terminal emulator like PuTTY or ZOC on port 22, ssh
  • CLISH – CLI Shell
  • Most Check Point specific commands are run from this shell
  • Show configuration – lists the local appliance config Db, like sh run in Cisco iOS
  • Set expert-password, allows you to access the Expert prompt (Linux)
  • Expert – BA Shell BASH – Password Protected
  • More Linux specific commands are run from this shell
  • Tcpdump, ls, etc
  • Shutdown and reboot commands

07. Security Policies & Rulebase

  • Overview
  • Policy
  • Policy Attributes
  • Best Practice
  • Rulebase

08. Software Blades

  • Firewall
  • IPSec VPN
  • Mobile Access
  • Application Control
  • URL Filtering
  • Data Loss Prevention
  • IPS
  • Anti-Bot
  • Anti-Virus
  • Threat Emulation
  • Threat Extraction
  • Anti-Spam & Email Security
  • Identity Awareness
  • Content Awareness
  • QOS
  • ClusterXL
  • Monitoring

09. Logging and Tracing

  • Logs & Monitor
  • Tracing Tools

10. Imaging & Clustering

  • Imaging
  • ClusterXL

11. VIPs & VMACs

  • Clustering the local config and SMS config
  • Talking to one Virtual IP and one Virtual MAC address

12. Manage & Settings

  • Permission & Administrators
  • Blades
  • Sessions
  • Revisions
  • Tags
  • Preferences
  • Sync with UserCenter

Skills Learned

After completing this online training course, students will be able to:

  • Introduce Check Point Technologies
  • Implement Security Policy Management
  • Utilize Policy Layers
  • Explain Check Point Security Solutions and Licensing
  • Implement Traffic Visibility
  • Explain Basic Concepts of VPN
  • Manage User Access
  • Work with ClusterXL
  • Administer Task Implementation