VPN-1/FireWall-1 NGX: Security Administration: Skills Update from NG (Accelerated CCSE)

Check Point Accelerated CCSE NGX is a fast paced course designed for those engineers who are already certified to CCSE level on any version of Check Point VPN-1/Firewall-1 NG.

This two-day course is intended to provide sufficient detail for a delegate to upgrade their proven Check Point skills to the latest VPN-1/FireWall-1 NGX version. During the course delegates will learn the steps to follow to upgrade their organization Check Point software to VPN-1/FireWall-1 NGX.

Audience

This course is designed for those people who will be responsible for the installation, implementation or maintenance of a FireWall-1/VPN-1 NGX protected site, including systems administrators, security managers, and network engineers who manage VPN-1/FireWall-1 NGX gateway deployments.

Prerequisites

Delegates must have previously passed the Check Point CCSE examination at a previous NG version.

Delegates attending this course will gain hands-on experience in:

• • Upgrading to VPN-1 NGX.
  • Advanced NGX Management Concepts.
• Monitoring Traffic and Conn
• tions.
• Administrative Utilities.
• Cluster XL
• Check Point QoS.
• LDAP User Management with SmartDirectory.
• Advanced VPN.

Course Outline

Delegates attending this course will be able to:

• Use NGX upgrade tools to upgrade to NGX, from VPN-1/Firewall-1 NG or VPN-1 NG with Application Intelligence.
• Use SmartUpdate to upgrade to NGX, from NG or NG with Application Intelligence.
• Use advanced NGX features to minimize the information-security management burden, when working with objects and rules.
• Determine whether Database Revision Control or Policy Package Management is the appropriate solution, given a variety of scenarios.
• Identify the features and limitations of Management HA.
• Use SmartView Tracker to block connections, given evidence of a potential intrusion or attack.
• Use SmartView Monitor to display information about an NGX deployment, given a variety of scenarios.
• Use fw monitor to capture and view packets.
• Use fw ctl pstat to verify the health of the NGX Security Gateway and SmartCenter Server.
• Review VPN-1 debugging and troubleshooting commands, including cpinfo.
• Given a variety of Check Point QoS configurations, determine how bandwidth will be allocated.
• Identify situations where Low Latency Queuing and Differentiated Services are an appropriate part of a QoS solution.
• Identify different modes in ClusterXL configuration, and configure ClusterXL VPN.
• Configure NGX to support LDAP/AD integration, given specific business requirements.
• Configure a Policy Server and SecureClient Rule Base.
• Download desktop rules from a Policy Server with SecureClient.

This course is designed for those delegates who already hold the Check Point CCSE certification at a previous NG version and will provide them with the skills required to challenge the CCSE Upgrade examination. This is a separate examination (not part of the course), which is available for those delegates who wish to upgrade their existing CCSE qualification.

VPN-1/FireWall-1 NGX: Security Administration: Skills Update from NG (Accelerated CCSE) / 156-915