Check Point Provider-1 NGX — A 2-day course

 Open Public Course Closed In-House Course

Synopsis

This courses offers in-depth training on deploying and managing Check Point Provider-1 NGX. You will learn to configure Security Policies for multiple remote Security Gateways using the Multi-Domain GUI (MDG), and learn about managing multiple firewall-secured environments using the Multi-Domain Server (MDS). You will also learn how to perform advanced configuration tasks, such as establishing redundant Multi-Domain Servers for High Availability management functions and migrating existing servers into the Provider-1 database.

Course Objectives

On completion of this course, delegates will be able to:

• Describe the Provider-1 architecture
• Describe the installation requirements for the Provider-1 components
• Successfully install Provider-1
• List and describe MDS configuration options
• List and describe Customer Management Add-On (CMA) configuration options
• Identify the features and functions of the MDG
• Describe Provider-1 log-management features
• Create and assign Global Policies to multiple CMAs
• Use advanced tools to manage multiple Customer sites

In the labs you will gain hands-on experience in:

• Install the MDS as a Manager and Container, then configure the MDS to function as a primary MDS
• Install the Provider-1 SmartConsole and MDG client
• Configure CMAs for city sites
• Establish SIC between CMAs and the remote Security Gateways they manage
• Adjust Provider-1 default settings to customize the system for your configuration
• Create basic objects and Rule Bases for CMAs in your configuration
• Create additional Adminstrators and show the differences in privilege levels
• Deply GUI clients at remote sites, and grant different access to clients with different privileges
• Remotely install a Check Point software package on the Gateways in your lab configuration
• Disconnect a rogue client form you primary MDS
• Define network objects and rules for a NOC Gateway
• Install and configure a secondary MDS to be an MDS Multi-Log Module (MLM)
• Create objects and rules applied to each CMA in a Global Policy
• Define a Global VPN Community
• Migrate an existing SmartCenter Server into your existing Provider-1 setip
• Install and configure a secondary MDS for Management High Availability (HA)
• Mirror a configured MDS to a second MDS in your setup
• Configure a secondary MDS for CMA level HA in a Provider-1 setup
• Back up MDS files using Provider-1 archiving commands
• Restore MDS files using archiving commands

Suitable for

• Systems administrators, security managers, or network engineers who wish to implement Provider-1 in an enterprise setting
• Those challenging exam #156-815 as part of Check Point Certified Managed Security Expert NGX (CCMSE NGX) certification

Prerequisites

• Completion of courses Check Point Security Administration NGX I Rev 1.1 and Check Point Security Administration NGX II Rev 1.1, or equivalent knowledge and experience

Publicly scheduled dates, locations, and prices

Contents:

Provider-1 Architecture

• Multi-Domain GUI (MDG)
• Multi-Domain Server (MDS)
• FireWall-1 remote module

Remote customer management using Provider-1

• Standard Provider-1 and point-of-presence configuration
• NOC security
• Customer Log Management (CLM) configuration

MDS installation and configuration

MDG installation and configuration

Navigating the MDG

• Customer, policy and system status view
• Customer bar: Administrators, GUI clients and licenses view
• Provider bar: Administrators, GUI clients and licences view

NOC firewall installation and configuration

CLM installation and configuration

Configuring objects and installing policy using the MDG

Assigning global policies

MDS archiving

MDS command line management

MDS directory structure

Running MDS and CMA commands

Migrating an existing management server into the MDS

Uninstalling the MDS and MDG