Overview
In this course students will learn how to configure a security policy, manage and monitor a secure network, upgrade and configure a security gateway, implement a virtual private network (VPN), and more! This course provides the underlying material required to prepare candidates for the CCSA R80 certification exam.
Exam #156-215.80: Check Point Certified Security Administrator R80
Course Instructor: Faisal Khan
Course Outline
01. Next Generation Firewalls
- The difference between packet filtering and everything else: App Control, URL Filtering, AV, AB, VPN, HTTPS Inspection, etc.
- Deep Packet Inspection (DPI)
02. In-line versus Host-based Firewalls
- The purpose of this module is to discuss in-line appliances. CP does have AEP that leverages a host-based firewall, but there is a whole other solution segment dedicated to host-based firewalling (Guardicore, Illumio, etc.)
03. CP is based on a centrally managed architecture
- 3-tiered architecture – SmartConsole, Security Management & Security Gateway
- Security Management Server (SMS)
- Gateways
- 3 deployment modes – Standalone (SMS and Gateway on same appliance), Distributed (different appliances) and Bridge (insert another gateway within the same subnet)
04. Configuration
- SmartConsole
- Application that manages the architecture centrally
- Blade activation (a blade is what Check Point calls its features)
- SIC
- Clustering
- Global parameters and rules
- NATing policies
- Policy rulebase for each blade
- Web User Interface (WebUI)
- Network Interfaces
- ARP config
- System Time, Logging
- Advanced Routing
- User Management
- Backup & Restore
- CPUSE
- Command Line Interface (CLI)
- Another channel to set configuration and to use valuable tools that are not available in the WebUI
- Tcpdump, FW Monitor and Zdebug will each have their own sections
05. SMS-Gateway Communication
- Secure Internal Communication (SIC)
- Comm Channel between SMS and Gateway
- Policy installation
- Logs
- Internal Certificate Authority – ICA, issues certificates for the following services: SIC, VPN, Users
06. Configuration and Commands
- Local Configuration
- WebUI
- Overview – Widgets
- System Uptime, Traffic stats, Blade stats, Db Update status, Network Link status
- Basic and Advanced view
- Network Interface config
- ARP
- DHCP Server
- Host and DNS
- IPv4 Static Routes
- NetFlow Export
- System Management
- Time
- SNMP
- Messages (Banners)
- Advanced Routing
- DHCP Relay
- BGP
- IGMP
- RIP
- OSPF
- Route Aggregation
- Route Redistribution
- User Management
- Change My Password
- Users
- Roles
- Password Policy
- High Availability
- VRRP (and Advanced VRRP)
- Maintenance
- License Status
- Snapshot Management
- System Backup
- Upgrades (CPUSE)
- Status and Actions
- Software Updates Policy
- CLI – Accessed over SSH (port 22) via a terminal emulator like PuTTY or ZOC
- CLISH – CLI Shell
- Most Check Point specific commands are run from this shell
- Show configuration – lists the local appliance config Db, like sh run in Cisco IOS
- Set expert-password – allows you to access the Expert prompt (Linux)
- Expert – Bourne Again Shell (BASH) – Password Protected
- More Linux specific commands are run from this shell
- Tcpdump, ls, etc
- Shutdown and reboot commands
07. Security Policies & Rulebase
- Overview
- Policy
- Policy Attributes
- Best Practice
- Rulebase
08. Software Blades
- Firewall
- IPSec VPN
- Mobile Access
- Application Control
- URL Filtering
- Data Loss Prevention
- IPS
- Anti-Bot
- Anti-Virus
- Threat Emulation
- Threat Extraction
- Anti-Spam & Email Security
- Identity Awareness
- Content Awareness
- QoS
- ClusterXL
- Monitoring
09. Logging and Tracing
- Logs & Monitor
- Tracing Tools
10. Imaging & Clustering
- Imaging
- ClusterXL
11. VIPs & VMACs
- Clustering the local config and SMS config
- Talking to one Virtual IP and one Virtual MAC address
12. Manage & Settings
- Permission & Administrators
- Blades
- Sessions
- Revisions
- Tags
- Preferences
- Sync with UserCenter
Skills Learned
After completing this online training course, students will be able to:
- Introduce Check Point Technologies
- Implement Security Policy Management
- Utilize Policy Layers
- Explain Check Point Security Solutions and Licensing
- Implement Traffic Visibility
- Explain Basic Concepts of VPN
- Manage User Access
- Work with ClusterXL
- Administer Task Implementation