Advanced training to manage virtualized security in high-end networks and advanced security optimization techniques.
Learn How To
- Identify issues and problems using commands
- Locate the source of encryption failures
- Identify potentially mis-configured VPNs
How You Will Benefit
- Bypass wait times and fast track to a support engineer
- Compare your policy to rules that degrade performance
- Tune your systems to improve acceleration of traffic
This course is for customers and partners who want to learn the advanced skills to troubleshoot and configure Check Point Security Gateway and Management Software Blades:
- System Administrators
- Security Engineers
- Network Engineers
- R80 CCSEs seeking higher certification
- General knowledge of TCP/IP
- Working knowledge of Windows and UNIX
- Working knowledge of network technology
- Working knowledge of Internet technology
- Obtain a deeper knowledge of the Security Management Architecture.
- Understand how the Security Management Server uses key processes and debugs.
- Review how objects are represented in the database.
- Understand how GuiDBedit operates.
- Understand how to use fw monitor to capture packets.
- Discuss how to enable and use core dumps when a User mode process crashes.
- Understand how to troubleshoot and debug SmartConsole issues.
- Understand how to troubleshoot and debug NAT issues using Gaia commands.
- Understand Client Side and Server Side NAT.
- Describe how to configure port mapping services.
- Recognize how to debug VPN-related issues.
- Understand how to debug HTTPS Inspection related issues.
- Understand how to troubleshoot and debug Content Awareness issues.
- Understand how to troubleshoot Anti-Bot and Antivirus issues.
- Discuss how to use IPS Bypass to manage performance issues.
- Understand how to configure IPS to reduce false positives.
- Understand how to evaluate hardware configurations for optimal performance.
- Discover additional tools to assist in monitoring CPU utilization.
- Understand how to monitor cluster status and work with critical devices.
- Recognize how to use fwaccel and sim to enable and disable accelerated traffic.
- Understand how to configure CoreXL to enhance Security Gateway performance.
- Understand how to deploy IPv6 in a local environment
- Perform Solr database queries and review the results.
- Use debug files to troubleshoot SmartConsole.
- Use debug commands to explore common management issues.
- Demonstrate how to troubleshoot two methods of Automatic NAT.
- Demonstrate how to manually configure NAT.
- Configure port mapping of services as an alternative to performing NAT.
- Use vpn debug tools to identify issues that may have occurred during encryption
- Manipulate IPS settings to enhance performance and reduce false positives.
- Evaluate network security conditions using the Check Point CheckMe tool.
- Use policy settings to improve performance of Security Gateways.
- Tune the Security Policy for improved Security Gateway performance
- Evaluate the Security Gateway cluster conditions by examining the debug files.
- Demonstrate how to manage connections in a clustered environment.
- Demonstrate how to debug Security Management Server synchronization
- Demonstrate how to identify the cause of acceleration related issues.
- Demonstrate how to configure advanced CoreXL settings
- Define and test communication in an IPv6 environment
Chapter 1: Advanced Database Management
Chapter 2: Kernel Mode and User Mode Troubleshooting
Chapter 3: SmartConsole and Policy Management
Chapter 4: Advanced Network Address Translation
Chapter 5: VPN Troubleshooting
Chapter 6: Troubleshooting Access Control Policies
Chapter 7: Troubleshooting Threat Prevention Policies
Chapter 8: Optimization and Tuning
Chapter 9: Advanced Clustering
Chapter 10: Acceleration Debugging
Chapter 11: IPv6
This training prepares the student for the Check Point Certified Security Master R80 (CCSM R80) exam.