CCSA NGX Management 1 | CCSE NGX Management 2 | CCSE Plus NGX Management 3 | CCSPA | CCMSE NGX (Provider-I) | CCMSE NGX Plus VSX | CPIS (Check Point Integrity)

Checkpoint - CCSE Plus NGX (Management III)


Check Point Security Administration NGX III offers comprehensive training to enhance enterprise knowledge of VPN-1 NGX, network planning, route-based VPN, and troubleshooting procedures

Audience :

You are a systems administrator, security manager, or network engineer implementing VPN-1 NGX in an enterprise setting

Prerequisite : Check Point Security Administration NGX I Rev 1.1 and Check Point Security Administration NGX II Rev 1.1

Duration of the course :

Part Time : N/A

Full Time  : 4 Days (8 Hours per day)

Course Contents :

General troubleshooting methods

  • Troubleshooting Guidelines
  • Collecting Related Information
  • What to Check before Installing VPN-1 NGX
  • IP Forwarding & Boot Security
  • SIC and ICA issues
  • Debugging SIC Maintaining SIC
  • Client-Side Destination NAT
  • Debugging NAT
  • Rule base and NAT issues
  • Anti spoofing issues

File Management

  • Overview cpinfo File
  • InfoView
  • Opening SmartDashboard in InfoView
  • objects_5_0.C and objects.C
  • Using DbEdit
  • GuiDBedit
  • modifying *.def Files
  • Troubleshooting Logging Issues
  • Maintaining Logs and Log-Buffer Queue

Protocol Analyzers

  • tcpdump and Expressions
  • Using tcpdump
  • Viewing tcpdump output
  • Reading snoop Output
  • snoop and Security
  • fw monitor Syntax
  • INSPECT Virtual Machine
  • Filer Expressions
  • fw ctl Chain
  • Using Etheral
  • Viewing Connections Dropped by Kernel
  • Using Filters with Ethereal

NGX Debugging Tools

  • fw ctl Debug
  • fw ctl kdebug
  • Kernel Modules
  • fw ctl debug Flags
  • Debugging fwd/fwm
  • fwd/fwm Debug switches
  • Debugging without Restarting fwd/fwm
  • Debugging Restarting fwd/fwm

fw Advanced Commands

  • fw tab Options
  • Table Attributes
  • fw tab Examples
  • fw ctl commands
  • Other fw Commands
  • fw advanced Commands
  • fwm commands
  • fwm debexportcomfwm dbimport
  • fw lock_admin

Security Servers

  • The folding process
  • Folding – Process Example
  • Content – Security Rule Order
  • Security Server Default Messages
  • troubleshooting Security Server Issues
  • Reviewing CPU and Memory Editing fwauthd.conf
  • Debugging Security Servers
  • Multiple Security Server Troubleshooting

VPN Debugging Tools

  • IKE Basis
  • Phase 1 and Phase 2
  • Encryption Issue
  • VPN Debugging Tools
  • vpn debug command
  • vpn command
  • comparing SAs
  • Troubleshooting Tables

Troubleshooting and Debugging SecuRemote/SecureClient

  • Ports Used Through The tunnel
  • Packet Flow When Creating a Site
  • Packet Flow When Connecting/Resolving Gateway IP
  • Packet Flow When Connecting/IKE Negotiation
  • Packet Flow When Connecting/Encrypting Data
  • Link Selection for Remote Access Overview
  • Link-Selection for remote Access Overview
  • Link-Selecting for Remote Access Overview
  • Link-Selection for Methods in VPN-1 NGX
  • SecuRemote/SecureClient Debugging tools
  • Enhanced Debugging Tool

Advanced VPN

  • Route-Based VPN
  • Domain-Based VPN
  • VPN Tunnel Interface
  • VPN Routing Process
  • Numbered/Unnumbered VTIs
  • Configuring Numbered VITs
  • Configuring unnumbered VITs
  • Dynamic VPN Routing
  • Configuring Dynamic VPN routing Using OSPF
  • How Wire Mode Works
  • Wire Mode in Route-Based VPN
  • Directional VPN Rule Match
  • Tunnel Management
  • Permanent Tunnels
  • Tunnel-Management Configuration
  • VPN Tunnel Sharing Configuration

ClusterXL

  • Configuration Recommendations
  • Recommendations for ClusterXL
  • Recommendations for State Synchronization
  • Troubleshooting ClusterXL
  • Kernel Flags



IIBST, Dhaka, BANGLADESH
IIBST
Dhaka Bangladesh
31, Malek Tower, Farmgate,Dhaka 1215
Email to us :info@iibst.com
Email to us : help@iibst.com
Call : 0088-(02 9144405 / 0666 268 2031 / 01914 189 107)

www.iibst.com