Check Point Security Administration (CCSA) R70 Upgrade — A 3-day course

Synopsis

This three-day course is suitable for anyone who has previously attended the Management-1 or NGX-1 courses and now need to bring their skills up to the latest R70 level.

This accelerated course provides an understanding of the concepts and skills necessary to configure Check Point Security Gateway and Management Software Blades. This course only covers topics in the current CCSA R70 course that are not covered in previous CCSA versions. During the course, you will configure, manage, monitor and maintain a corporate and branch office network. In addition, you will upgrade and configure a Security Gateway to implement a virtual private network (VPN) for both internal and external users while implementing IPS and Messaging and Content Security.

Course Objectives

On completion of this course, delegates will be able to:

Select the best security solution for your corporate environment.
Perform a backup and restore current Gateway installation from the command line.
Identify critical files to purge or backup, import and export users and groups, and add or delete administrators from the command line.
Use command line utilities to troubleshoot problems on the Security Gateway.
Maintain the Security Management Server with scheduled backups and policy versions.
Use queries in SmartView Tracker to monitor IPS and troubleshoot events.
Monitor remote Gateways using SmartUpdate to evaluate the need for upgrades, new installations, and license modifications.
Use SmartUpdate to apply upgrade packages to single or multiple VPN-1 Gateways.
Upgrade and attach product licenses using SmartUpdate.
Perform a pre-installation compatibility assessment before upgrading to R70.
Given R70 licensing instructions, obtain a license key.
Install a Contract File on Windows, SecurePlatform, Linux, Solaris and IPSO.
Select the most appropriate encryption algorithm when securing communication over a VPN, based on corporate requirements.
Establish VPN connections to partner sites to access a central database by configuring Advanced IKE properties.
Configure a pre-shared secret site-to-site VPN with partner sites.
Configure a certificate based site-to-site VPN using one partner’s internal CA.
Configure permanent tunnels for remote access to corporate resources.
Configure VPN tunnel sharing.
Configure Check Point Messaging Security.
Configure a Web-filtering and antivirus policy to filter and scan traffic.
Implement profiles to designated Gateways in the corporate network.
Manage profiles by tracking changes to the network, including performance degradation, and troubleshoot issues with the network.
Create and install IPS policies.

Suitable for

You have a prior CCSA certification and want an accelerated path to achieve CCSA R70 certification.

Prerequisites

Must have achieved any one of the following:

CCSA NG
CCSA NG FP3
CCSA NG AI
CCSA NGX
CCSA NGX R65

Certification

This course meets the requirements for the CCSA NGX R70 certification.

A separate examination (not part of or included with the course) is available for delegates who wish to have formal certification. Please contact us for more details.

Publicly scheduled dates, locations, and prices

London — £1795 (+VAT)

1–3 Nov 2010

Reading — £1795 (+VAT)

4–6 Oct 2010

Harrogate — £1795 (+VAT)

6–8 Sep 2010
29 Nov–1 Dec 2010

Course Contents

Distributed Installation

Install and configure the Security Management Server
Install SecurePlatform on the Security Gateway
Configure the Security Gateway using WebUI
Launch SmartDashboard

Branch Office Security Gateway Installation

Configure Branch Gateway via WebUI

Defining Basic Objects and Rules

Configure DMZ

Configure DMZ Interface on the Gateway
Create a DMZ Object

Configure NAT

Configure Hide NAT
Configure Static NAT
Observe NAT using fw monitor

Using SmartUpdate

Get Gateway data and run Cpinfo
Download HFA Package

Upgrade a Security Gateway Locally

Configure a Site-to-Site VPN

Define the VPN Domain
Create the VPN Community
Create VPN Rule
Test VPN Connection
VPN Troubleshooting

Configure Two Gateway IKE Encryption Using Certificates

Save a Certificate for Export
Add Machine to VPN Community
Create a Certificate Authority
Modify Rule Base
Install and Verify Security Gateway Configuration
Test Encryption with Certificates
Revert to Standard Security Policy

Remote Access and Office Mode

Create Remote Access Group
Configure Gateway for IKE Encryption and LDAP Authentication
Configure VPN Domain
Configure Office Mode IP Pool
Configure Remote Access Object
Modify Rule Base for Remote Access
Create a Site Using Site Wizard
Verifying Office Mode IP Assignment
Test Remote Connection

Messaging and Content Security

Configure IPS for Preliminary Detection
Analyze Attacks
Reconfiguring IPS to Block Attacks
Review Logs

Implement the IPS

Printer-friendly version

Check Point training UK enquiries

Training Enquiries & Feedback Form.

Email: training@gbdirect.co.uk

Phone: 0800 651 0338

Please call between 0900 and 1700 (UK time) on Monday to Friday

Your Wishlist

Check Point training UK prices

For publicly scheduled training (individual places), see our UK training schedule.

For current special offers on courses, see our Special Offers section.

In-house training for company groups is charged at a daily rate per group — see our In-House UK Training Guidelines.

Publicly Scheduled Training Locations

We currently run public training courses across the UK including following locations:

London, UK
Leeds, West Yorkshire, UK
Aberdeen, Scotland, UK
Bradford, West Yorkshire, UK
Birmingham, West Midlands, UK
Bournemouth, Dorset, UK
Bristol, South West
Carshalton, Surrey, UK
Chester, North West, UK
Cheshire, North West, UK
Coventry, West Midlands, UK
Crawley, West Sussex, UK
Derby, East Midlands, UK
Dublin, Ireland
Edinburgh, Scotland, UK
Exeter, South West, UK
Glasgow, Scotland, UK
Harrogate, North Yorkshire, UK
Harwell, Oxfordshire, UK
Hinckley, Leicestershire, UK
Lancashire, North West, UK
Liverpool, North west, UK
Maidenhead, Berkshire, UK
Manchester, North West, UK
Milton Keynes, Buckinghamshire, UK
Nottinghamshire, East Midlands, UK
Reading, Berkshire, UK
Sheffield, South Yorkshire, UK
Slough, Berkshire, UK
Stevenage, Hertfordshire, UK
Swindon, South West, UK
Tyne and Wear, North East, UK
Wakefield, West Yorkshire, UK
Wokingham, Berkshire, UK
Wiltshire, South West, UK
Wirral, North West, UK

Most UK public training courses are available on a monthly basis.

Please see the individual course outlines or our public training schedule for details.

In-house (on-site) training locations

We deliver in-house courses at client premises and/or training facilities in any part of the world which is practically and commercially accessible.

Our In-house training guidelines outline our basic requirements and our UK pricing structure. To estimate costs for training in other countries, simply convert to your local currency and then make a rough calculation of our tutor's costs for travelling to and staying at your location.