Advanced training to manage virtualized security in high-end networks and advanced security optimization techniques.
Learn How To
- Identify issues and problems using commands
- Locate the source of encryption failures
- Identify potentially mis-configured VPNs
How You Will Benefit
- Bypass wait times and fast track to a support engineer
- Compare your policy to rules that degrade performance
- Tune your systems to improve acceleration of traffic
- This course is for customers and partners who want to learn the advanced skills to troubleshoot and configure Check Point Security Gateway and Management Software Blades:System Administrators
- Security Engineers
- Network Engineers
- R80 CCSEs seeking higher certification
- General knowledge of TCP/IP
- Working knowledge of Windows and UNIX
- Working knowledge of network technology
- Working knowledge of Internet technology
- Obtain a deeper knowledge of the Security Management Architecture.
- Understand how the Security Management Server uses key processes and debugs.
- Review how objects are represented in the database.
- Understand how GuiDBedit operates.
- Understand how to use fw monitor to capture packets.
- Discuss how to enable and use core dumps when a User mode process crashes.
- Understand how to troubleshoot and debug SmartConsole issues.
- Understand how to troubleshoot and debug NAT issues using Gaia commands.
- Understand Client Side and Server Side NAT.
- Describe how to configure port mapping services.
- Recognize how to debug VPN-related issues.
- Understand how to debug HTTPS Inspection related issues.
- Understand how to troubleshoot and debug Content Awareness issues.
- Understand how to troubleshoot Anti-Bot and Antivirus issues.
- Discuss how to use IPS Bypass to manage performance issues.
- Understand how to configure IPS to reduce false positives.
- Understand how to evaluate hardware configurations for optimal performance.
- Discover additional tools to assist in monitoring CPU utilization.
- Understand how to monitor cluster status and work with critical devices.
- Recognize how to use fwaccel and sim to enable and disable accelerated traffic.
- Understand how to configure CoreXL to enhance Security Gateway performance.
- Understand how to deploy IPv6 in a local environment
- Perform Solr database queries and review the results.
- Use debug files to troubleshoot SmartConsole.
- Use debug commands to explore common management issues.
- Demonstrate how to troubleshoot two methods of Automatic NAT.
- Demonstrate how to manually configure NAT.
- Configure port mapping of services as an alternative to performing NAT.
- Use vpn debug tools to identify issues that may have occurred during encryption
- Manipulate IPS settings to enhance performance and reduce false positives.
- Evaluate network security conditions using the Check Point CheckMe tool.
- Use policy settings to improve performance of Security Gateways.
- Tune the Security Policy for improved Security Gateway performance
- Evaluate the Security Gateway cluster conditions by examining the debug files.
- Demonstrate how to manage connections in a clustered environment.
- Demonstrate how to debug Security Management Server synchronization
- Demonstrate how to identify the cause of acceleration related issues.
- Demonstrate how to configure advanced CoreXL settings
- Define and test communication in an IPv6 environment
Chapter 1: Advanced Database Management
Chapter 2: Kernel Mode and User Mode Troubleshooting
Chapter 3: SmartConsole and Policy Management
Chapter 4: Advanced Network Address Translation
Chapter 5: VPN Troubleshooting
Chapter 6: Troubleshooting Access Control Policies
Chapter 7: Troubleshooting Threat Prevention Policies
Chapter 8: Optimization and Tuning
Chapter 9: Advanced Clustering
Chapter 10: Acceleration Debugging
Chapter 11: IPv6
This training prepares the student for the Check Point Certified Security Master R80 (CCSM R80) exam.