This 5 day bundle course covers the following two Check Point training courses:Check Point Certified Security Expert (CCSE) R81.10 – 3 daysandCheck Point Certified Troubleshooting Expert (CCTE) R81.10 – 2 daysThis advanced CCSE part of the course (Monday to Wednesday) teaches how to build, modify, deploy and troubleshoot Check Point Security Systems on the GAiA operating system. Hands-on lab exercises teach how to debug firewall processes, optimize VPN performance and upgrade Management Servers.
The CCTE of the course (Thursday to Friday) provides advanced troubleshooting skills to investigate and resolve more complex issues that may occur while managing your Check Point Security environment.
TARGET AUDIENCE:
Technical professionals who perform advanced deployment configurations of Check Point products. Security experts and Check Point resellers who desire to obtain the necessary knowledge required to perform more advanced troubleshooting skills while managing their security environments.
COURSE PREREQUISITES:
CCSA training and/or certification with a working knowledge of Windows and/or UNIX, networking technology, the Internet and TCP/IP, and advanced knowledge of Check Point Security products.
COURSE CONTENT:
CCSE -Topics:• Management Maintenance • Management Migration • Management • High Availability • Policy Automation • Gateway Maintenance • The Firewall Kernel • User-Mode Processes • ClusterXL • Traffic Acceleration • Core Acceleration • Interface Acceleration • Threat Prevention • Threat Emulation • Advanced Site-to-Site VPN • Remote Access VPN • Mobile AccessLab Exercises:• Perform an upgrade of a Security Management server in a distributed environment• Use the migrate_export command to prepare to migrate a Security Management Server• Deploy a Secondary Management Server• Demonstrate how to define new network and group objects using the Check Point API• Perform an upgrade of Security Gateways in a clustered environment• Use Kernel table commands to evaluate the condition of a Security Gateway• Use common commands to evaluate the condition of a Security Gateway• Configure Virtual MAC• Demonstrate how SecureXL affects traffic flow• Describe how the CoreXL acceleration technology enhances and improves Security Gateway performance• Demonstrate how to monitor and adjust interface traffic queues• Identify specific threat protections used by Check Point Threat Prevention• Demonstrate how to enable Mobile Access for remote usersCCTE -Course Topics:• Advanced Troubleshooting • Management Database and Processes • Advanced Kernel Debugging • User Mode Troubleshooting • Advanced Access Control • Understanding Threat Prevention • Advanced VPN Troubleshooting • Acceleration and Performance TuningLab Exercises:• Monitoring Network Traffic • Debugging Management Processes • Exploring the Postgres and Solr Databases • Troubleshooting Management Synchronization • Analyzing Traffic Issues Using Kernel Debugs • Debugging User Mode Processes • Troubleshooting Application Control and URL Filtering • Troubleshooting IPS • Evaluating Threat Prevention Products • Debugging Site-to-Site VPN • Troubleshooting Remote Access VPN • Testing Mobile Access VPN • Evaluating SecureXL • Modifying CoreXL • Evaluating Hardware-related Performance • Tuning and Software Optimization
COURSE OBJECTIVE:
CCSE:• Articulate Gaia system management procedures• Explain how to perform database migration procedures• Articulate the purpose and function of Management High Availability• Describe how to use Check Point API tools to perform management functions• Articulate an understanding of Security Gateway cluster upgrade methods• Discuss the process of Stateful Traffic inspection• Articulate an understanding of the Check Point Firewall processes and debug procedures• Describe advanced ClusterXL functions and deployment options• Explain how the SecureXL acceleration technology enhances and optimizes Security Gateway performance• Describe how the CoreXL acceleration technology enhances and improves Security Gateway performance• Articulate how utilizing multiple traffic queues can make traffic handling more efficient• Describe different Check Point Threat Prevention solutions for network attacks• Explain how SandBlast, Threat Emulation, and Threat Extraction help to prevent security incidents• Recognize alternative Check Point Site-to-Site deployment options• Recognize Check Point Remote Access solutions and how they differ from each other• Describe Mobile Access deployment optionsCCTE:• Understand how to use Check Point diagnostic tools to determine the status of a network. • Understand how to use network packet analyzers and packet capturing tools to evaluate network traffic. • Become familiar with more advanced Linux system commands. • Obtain a deeper knowledge of the Security Management architecture. • Understand how the Management database is structured and how objects are represented in the database. • Understand key Security Management Server processes and their debugs. • Understand how GuiDBedit operates. • Understand how the kernel handles traffic and how to troubleshoot issues with chain modules. • Understand how to use the two main procedures for debugging the Firewall kernel and how they differ. • Recognize User mode processes and how to interpret their debugs. • Discuss how to enable and use core dumps. • Understand the processes and components used for policy installs and processing packets in Access Control policies. • Understand how to troubleshoot and debug issues that may occur with App Control and URLF. • Understand how to debug HTTPS Inspection-related issues. • Understand how to troubleshoot and debug Content Awareness issues. • Understand how IPS works and how to manage performance issues. • Understand how to troubleshoot Anti-Bot and Antivirus. • Recognize how to troubleshoot and debug Site-to-Site VPNrelated issues. • Understand how to troubleshoot and debug Remote Access VPNs. • Understand how troubleshoot Mobile Access VPN issues. • Recognize how to use SecureXL features and commands to enable and disable accelerated traffic. • Understand how the server hardware and operating system affects the performance of Security Gateways. • Understand how to evaluate hardware configurations for optimal performance.
FOLLOW ON COURSES:
Attend two Infinity Specialization courses and pass their exams to automatically become a Check Point Certified Security Master (CCSM).Attend four Infinity Specialization courses and pass their exams to automatically become a Check Point Certified Security Master Elite (CCSM Elite).Choose from the following Infinity Specialization courses:• Check Point Certified Endpoint Specialist (CCES)• Check Point Certified Troubleshooting Administrator (CCTA)• Check Point Certified Automation Specialist (CCAS)• Check Point Certified Cloud Specialist (CCCS)• Check Point Certified MDSM Specialist (CCMS) • Check Point Certified VSX Specialist (CCVS)• Check Point Certified Troubleshooting Expert (CCTE)• Check Point Certified Maestro Expert (CCME)