| Topic | Details |
| Backup and Restore Security Gateways and Management Servers | - Snapshot management
- Upgrade Tools
- Backup Schedule Recommendations
- Upgrade Tools
- Performing Upgrades
- Support Contract |
| Lab 2: Core CLI Elements of Firewall Administration | - Policy Management and Status
- Verification from the CLI
- Using cpinfo
- Run cpinfo on the Security Management Server
- Analyzing cpinfo in InfoView
- Using fw ctl pstat
- Using tcpdump |
| SmartEvent Architecture | - Component Communication Process
- Event Policy User Interface |
| CoreXL: Multicore Acceleration | - Supported Platforms and Features
- Default Configuration
- Processing Core Allocation
- Allocating Processing Cores
- Adding Processing Cores to the Hardware
- Allocating an Additional Core to the SND
- Allocating a Core for Heavy Logging
- Packet Flows with SecureXL Enabled |
| Lab 1: Upgrading to Check PointR77 | - Install Security Management Server
- Migrating Management server Data
- Importing the Check Point Database
- Launch SmartDashboard
- Upgrading the Security Gateway |
| Multiple Entry Point VPNs | - How Does MEP Work
- Explicit MEP
- Implicit MEP |
| Check Point Firewall Infrastructure | - GUI Clients
- Management |
| Management HA | - The Management High Availability Environment
- Active vs. Standby
- What Data is Backed Up?
- Synchronization Modes
- Synchronization Status |
| Network Address Translation | - How NAT Works
- Hide NAT Process
- Security Servers
- How a Security Server Works
- Basic Firewall Administration
- Common Commands |
| FW Monitor | - What is FW Monitor
- C2S Connections and S2C Packets fw monitor |
| Auditing and Reporting | Objectives:- Create Events or use existing event definitions to generate reports on specific network traffic using SmartReporter and SmartEvent in order to provide industry compliance information to management.
- Using your knowledge of SmartEvent architecture and module communication, troubleshoot report generation given command-line tools and debug-file information.
|
| Lab 3 Migrating to a Clustering Solution | - Installing and Configuring the Secondary Security Gateway Re-configuring the Primary Gateway - Configuring Management Server Routing
- Configuring the Cluster Object
- Testing High Availability
- Installing the Secondary Management Server
- Configuring Management High Availability |
| SecureXL: Security Acceleration | - What SecureXL Does
- Packet Acceleration
- Session Rate Acceleration
- Masking the Source Port
- Application Layer Protocol
- An Example with HTTP HTTP 1.1
- Factors that Preclude Acceleration
- Factors that Preclude Templating (Session Acceleration)
- Packet Flow
- VPN Capabilities |
| Tunnel Management | - Permanent Tunnels
- Tunnel Testing
- VPN Tunnel Sharing
- Tunnel-Management Configuration
- Permanent-Tunnel Configuration
- Tracking Options
- Advanced Permanent-Tunnel configuration
- VPN Tunnel Sharing Configuration |
| Identity Awareness | - Enabling AD Query
- AD Query Setup
- Identifying users behind an HTTP Proxy
- Verifying there’s a logged on AD user at the source IP
- Checking the source computer OS
- Using SmartView Tracker |
| Maintenance Tasks and Tools | - Perform a Manual Failover of the FW Cluster
- Advanced Cluster Configuration |
| Advanced Firewall | Objectives:- Using knowledge of Security Gateway infrastructure, including chain modules, packet flow and kernel tables to describe how to perform debugs on firewall processes.
|
| Clustering and Acceleration | - Clustering Terms
- ClusterXL
- Cluster Synchronization
- Synchronized-Cluster Restrictions
- Securing the Sync Interface
- To Synchronize or Not to Synchronize |
| Lab 4: Configuring SmartDashboard to Interface with Active Directory | - Creating the Active Directory Object in SmartDashboard
- Verify SmartDashboard Communication with the AD Server |
| ClusterXL: Load Sharing | - Multicast Load Sharing
- Unicast Load Sharing
- How Packets Travel Through a Unicast
- LS Cluster
- Sticky Connections |
| SmartReporter | - Report Types |
| Lab 7: SmartEvent and SmartReporter | - Configure the Network Object in SmartDashboard
- Configuring Security Gateways to work with SmartEvent
- Monitoring Events with SmartEvent
- Generate Reports Based on Activities |
| Advanced VPN Concepts and Practices | - IPsec
- Internet Key Exchange (IKE)
- IKE Key Exchange Process
- Phase 1/ Phase 2 Stages |
| Upgrading | Objectives:- Perform a backup of a Security Gateway and Management Server using your
- Understanding of the differences between backups, snapshots, and upgrade-exports.
- Upgrade and troubleshoot a Management Server using a database migration.
- Upgrade and troubleshoot a clustered Security Gateway deployment.
|
| Troubleshooting User Authentication and User Directory (LDAP) | - Common Configuration Pitfalls
- Some LDAP Tools
- Troubleshooting User Authentication |
| Auditing and Reporting Process | - Auditing and Reporting Standards |
| Clustering and Acceleration | Objectives:- Build, test and troubleshoot a ClusterXL Load Sharing deployment on an enterprise network.
- Build, test and troubleshoot a ClusterXL High Availability deployment on an enterprise network.
- Build, test and troubleshoot a management HA deployment on an enterprise network.
- Configure, maintain and troubleshoot SecureXL and CoreXL acceleration solutions on the corporate network traffic to ensure noted performance enhancement on the firewall.
- Build, test and troubleshoot a VRRP deployment on an enterprise network.
|
| Upgrading Standalone Full High Availability | |
| Troubleshooting | - VPN Encryption Issues |
| VRRP | - VRRP vs ClusterXL
- Monitored Circuit VRRP
- Troubleshooting VRRP |
| Advanced IPsec VPN and Remote Access | Objectives:- Using your knowledge of fundamental VPN tunnel concepts, troubleshoot a site-to-site or certificate-based VPN on a corporate gateway using IKEView, VPN log files and commandline debug tools.
- Optimize VPN performance and availability by using Link Selection and Multiple Entry Point solutions.
- Manage and test corporate VPN tunnels to allow for greater monitoring and scalability with multiple tunnels defined in a community including other VPN providers.
|
| Security Gateway | - User and Kernel Mode Processes
- CPC Core Process
- FWM
- FWD
- CPWD
- Inbound and Outbound Packet Flow
- Inbound FW CTL Chain Modules
- Outbound Chain Modules
- Columns in a Chain
- Stateful Inspection |
| Kernel Tables | - Connections Table
- Connections Table Format |
| Advanced User Management | Objectives: - Using an external user database such as LDAP, configure User Directory to incorporate user information for authentication services on the network.
- Manage internal and external user access to resources for Remote Access or across a VPN.
- Troubleshoot user access issues found when implementing Identity Awareness.
|
| Remote Access VPNs | - Connection Initiation
- Link Selection |
