CCSA NGX Management 1 | CCSE NGX Management 2 | CCSE Plus NGX Management 3 | CCSPA | CCMSE NGX (Provider-I) | CCMSE NGX Plus VSX | CPIS (Check Point Integrity)

Checkpoint - CCSA NGX (Management I)


CCSA is a foundation level certification that validates a candidates ability to configure and manage fundamental implementations of Check Point’s flagship product, FireWall-1, as an enterprise level Internet security solution to protect corporate networks. CCSA training by including an in depth study of encryption technologies and how to implement site-to-site VPNs.

Audience : System Administrators, Security Managers, Network Engineers and Individual seeking CCSA certification.

Prerequisite : Working knowledge of windows NT/2000/2003 or Unix, with expertise in TCP/IP & routing.

Duration of the course :

Part Time : 20 Days (2 hrs/day)

Full Time  : 3 Days (8 hrs/day)

Key Benefits : As a CCSA, security professionals possess the requisite skills to define and configure security policies that enable secure access to information across corporate networks.

Course Contents :

VPN-1 NGX Overview.

  • How VPN-1 NGX Works.
  • The INSPECT Engine.
  • Packet Flow Through the INSPECT Engine.
  • VPN-1 NGX Architecture.
  • Distributed Deployments.
  • SVN Foundation.
  • Secure Internal Communications (SIC).
  • SIC Between SmartCenter Servers, Components and Clients.

The Security Policy.

  • Security Policy Defined.
  • Security Policy Considerations.
  • Detecting IP Spoofing and Configuring Anti-Spoofing.
  • Configuring Multicast Access Control.
  • Multicast Routing Protocols.
  • Basic Rule Base Concepts.
  • Cleanup Rule, Stealth Rule, Implicit / Explicit Rules.
  • Verifying Implied Rules.
  • Understanding Rule Base Order.
  • Security Policy Command-Line Options.
  • Advanced Rule base Functions.
  • Object Cloning.
  • Rule Base Management and optimization.
  • Database-Revision Control and Policy Package Management.

Monitoring Traffic and Connections

  • SmartView Monitor Login.
  • Monitoring Suspicious Activity Rules.
  • Monitoring Alerts.
  • Monitoring Traffic or Counters.
  • Monitoring Remote Users.
  • Eventia Reporter.
  • Eventia Reporter Login.
  • Report Types and Report Structure.
  • Customizing Predefined Reports.
  • Log Consolidation Process

Network Address Translation.

  • Understanding Network Address Translation.
  • Dynamic NAT and Static NAT.
  • Dynamic Ports and Port Assignment.
  • Configuring Network Address Translation.
  • IP Pool NAT.
  • Dynamic NAT Object Configuration.
  • Dynamic NAT Using Security Gateway Interface.
  • Dynamic NAT Not Using Security Gateway Interface.
  • Static NAT Object Configuration.
  • Manual NAT.

SmartDefense.

  • Active Defense.
  • Components of SmartDefense.
  • Enforcement Integrated with NGX.
  • Management Integrated with SmartDashboard.
  • SmartDefense Capabilities.
  • Defenses Against Attacks.
  • Implicit Defenses.
  • Abnormal-Behavior Analysis.
  • SmartDefense in Action.
  • Anti-Spoofing Configuration Status.
  • Denial-of-Service Attacks.
  • Web Intelligence.

Authentication.

  • User authentication and authentication parameters.
  • Understanding the need for authentication.
  • Deploying user authentication.
  • Stealth authentication.
  • Client and session authentication.
  • Sign on methods.
  • Deploying client authentication.
  • Additional features of single sign on and client authentication.
  • Deploying session authentication.
  • Successful Authentication Tracking.

LDAP User Management with SmartDirectory.

  • LDAP Servers.
  • Introduction to Account Management.
  • Lightweight Directory Access Protocol.
  • Distinguished Name.
  • Multiple LDAP Servers.
  • Integrating LDAP with NGX.
  • Exporting Users.
  • Using an Existing LDAP Server.
  • Using SmartDashboard to Manage LDAP Users.
  • LDAP and User Manager Troubleshooting.
  • Schema Checking.
  • Using LDAP without implementing NGX Schema.
  • NGX LDAP Server Communication.

Encryption and Virtual Private Networks (VPNs).

  • How encryption works.
  • VPN-1/FireWall-1 encryption schemes and algorithms.
  • Encryption technologies.
  • Using certificates.
  • Certificate authority deployment.

Disaster Recovery.

  • Backing Up for Disaster Recovery.
  • Exporting User Database Only.
  • Backing Up Using Export.
  • Backup Steps.
  • Backing Up Manually.
  • Restoring SmartCenter Server on Windows 2003 Server.



IIBST, Dhaka, BANGLADESH
IIBST
Dhaka Bangladesh
31, Malek Tower, Farmgate,Dhaka 1215
Email to us :info@iibst.com
Email to us : help@iibst.com
Call : 0088-(02 9144405 / 0666 268 2031 / 01914 189 107)

www.iibst.com