checkpoint ccse
No Events

Checkpoint Certified Security Expert (CCSE) R77.30 Training:

The Security Engineering (Check Point Certified Security Expert (CCSE) R77.30) course includes learning and gaining knowledge in Advanced Firewall, Clustering and Acceleration, Advanced User Management, Advanced IPsec VPN and Remote Access, Auditing and Reporting. Networking Aspirants can take this course and prepare for exam as well as upgrade their knowledge in Security Domain. This course helps a professional to get updated to new sets of checkpoint firewall technologies.

Before Checkpoint CCSE a candidate must have Checkpoint CCSA through understanding.

CCSA + CCSE Training Learning Schedule
Track Regular (Mon-Fri) Weekend ( Sat & Sun)
Duration 20 Days 6 Weekends
Hours 2 Hours a Day 2-3 Hours a Day

Highlights/Key Features of Course:

  • Training delivered by Industry Experienced professionals with more than 6+ years of experience.
  • 24*7 Lab Access
  • Authorized Training Certificate.
  • Placement Assistance and career guidance.
  • Late night and early morning batch facility
  • Hostel facility between INR 6000– INR 7000 per month including food.
  • Payment options: Check, Cash, Credit Card, Debit card, Net Banking.
  • Live Practical Based Training.
  • 100% Job assistance
  • Batches Available: Regular (Mon-Fri) & Weekends (Sat-Sun)

Requirements and Prerequisite:

  • Security Administration Course or CCSA certification (R70 or later)
  • Windows Server, UNIX and networking skills and TCP/IP experience
  • Certificate management and system administration

Who can attend this course?

Anyone who is looking to gain knowledge in Checkpoint CCSE and later for certification can join this course. Also professionals can take this course and get the new advanced level knowledge in Security domain.

What will I learn?

After successful completion of CCSA, the candidate will able to defend against network threats, security gateway in a distributed environment, Schedule backups and seamless upgrades, Protect email and messaging content, Monitor suspicious network activities and analyze attacks, Troubleshoot network connections.

Certifications and Examination

For Checkpoint CCSA certification one needs to crack Security Administration (Check Point Certified Security Administrator) Exam. The exam details are given below:

Exam Code: 156-215.77

Exam Cost: 150 USD

 

Course Content: Check Point Certified Security Expert(CCSE) R77.30

Upgrading:-

Backup and Restore Security Gateways and Management Servers

  • Snapshot management
  • Upgrade Tools
  • Backup Schedule Recommendations
  • Upgrade Tools
  • Performing Upgrades
  • Support Contract

Upgrading Standalone Full High Availability

Lab 1: Upgrading to Check Point R77

  • Install Security Management Server
  • Migrating Management server Data
  • Importing the Check Point Database
  • Launch SmartDashboard
  • Upgrading the Security Gateway

Advanced Firewall

Check Point Firewall Infrastructure

  • GUI Clients
  • Management

Security Gateway

  • User and Kernel Mode Processes
  • CPC Core Process
  • FWM
  • FWD
  • CPWD
  • Inbound and Outbound Packet Flow
  • Inbound FW CTL Chain Modules
  • Outbound Chain Modules
  • Columns in a Chain
  • Stateful Inspection

Kernel Tables

  • Connections Table
  • Connections Table Format

Check Point Firewall Key Features

  • Packet Inspection Flow
  • Policy Installation Flow
  • Policy Installation Process
  • Policy Installation Process Flow

Network Address Translation

  • How NAT Works
  • Hide NAT Process
  • Security Servers
  • How a Security Server Works
  • Basic Firewall Administration
  • Common Commands

FW Monitor

  • What is FW Monitor
  • C2S Connections and S2C Packets
  • fw monitor

Lab 2: Core CLI Elements of Firewall Administration

  • Policy Management and Status
  • Verification from the CLI
  • Using cpinfo
  • Run cpinfo on the Security Management Server
  • Analyzing cpinfo in InfoView
  • Using fw ctl pstat
  • Using tcpdump

Clustering and Acceleration

VRRP

  • VRRP vs ClusterXL
  • Monitored Circuit VRRP
  • Troubleshooting VRRP

Clustering and Acceleration

  • Clustering Terms
  • ClusterXL
  • Cluster Synchronization
  • Synchronized-Cluster Restrictions
  • Securing the Sync Interface
  • To Synchronize or Not to Synchronize

ClusterXL: Load Sharing

  • Multicast Load Sharing
  • Unicast Load Sharing
  • How Packets Travel Through a Unicast
  • LS Cluster
  • Sticky Connections

Maintenance Tasks and Tools

  • Perform a Manual Failover of the
  • FW Cluster
  • Advanced Cluster Configuration

Management HA

  • The Management High Availability Environment
  • Active vs. Standby
  • What Data is Backed Up?
  • Synchronization Modes
  • Synchronization Status

SecureXL: Security Acceleration

  • What SecureXL Does
  • Packet Acceleration
  • Session Rate Acceleration
  • Masking the Source Port
  • Application Layer Protocol – An Example with HTTP
  • HTTP 1.1
  • Factors that Preclude Acceleration
  • Factors that Preclude Templating
  • (Session Acceleration)
  • Packet Flow
  • VPN Capabilities

CoreXL: Multicore Acceleration

  • Supported Platforms and Features
  • Default Configuration
  • Processing Core Allocation
  • Allocating Processing Cores
  • Adding Processing Cores to the Hardware
  • Allocating an Additional Core to the SND
  • Allocating a Core for Heavy Logging
  • Packet Flows with SecureXL Enabled

Lab 3 Migrating to a Clustering Solution

  • Installing and Configuring the Secondary Security Gateway
  • Re-configuring the Primary Gateway
  • Configuring Management Server Routing
  • Configuring the Cluster Object
  • Testing High Availability
  • Installing the Secondary Management Server
  • Configuring Management High Availability

Advanced User Management

User Management

  • Active Directory OU Structure
  • Using LDAP Servers with Check Point
  • LDAP User Management with User Directory
  • Defining an Account Unit
  • Configuring Active Directory Schemas
  • Multiple User Directory (LDAP) Servers
  • Authentication Process Flow
  • Limitations of Authentication Flow
  • User Directory (LDAP) Profiles

Troubleshooting User Authentication and User Directory (LDAP)

  • Common Configuration Pitfalls
  • Some LDAP Tools
  • Troubleshooting User Authentication

Identity Awareness

  • Enabling AD Query
  • AD Query Setup
  • Identifying users behind an HTTP Proxy
  • Verifying there’s a logged on AD user at the source IP
  • Checking the source computer OS
  • Using SmartView Tracker

Lab 4: Configuring Smart Dashboard to Interface with Active Directory

  • Creating the Active Directory Object in Smart Dashboard
  • Verify Smart Dashboard Communication with the AD Server

Advanced IPsec VPN and Remote Access

Advanced VPN Concepts and Practices

  • IPsec
  • Internet Key Exchange (IKE)
  • IKE Key Exchange Process – Phase 1/ Phase 2 Stages

Remote Access VPNs

  • Connection Initiation
  • Link Selection

Multiple Entry Point VPNs

  • How Does MEP Work
  • Explicit MEP
  • Implicit MEP

Tunnel Management

  • Permanent Tunnels
  • Tunnel Testing
  • VPN Tunnel Sharing
  • Tunnel-Management Configuration
  • Permanent-Tunnel Configuration
  • Tracking Options
  • Advanced Permanent-Tunnel configuration
  • VPN Tunnel Sharing Configuration

Troubleshooting

  • VPN Encryption Issues

VPN Debug

  • vpn debug Command
  • vpn debug on | off
  • vpn debug ikeon |ikeoff
  • vpn Log Files
  • vpn debug trunc
  • VPN Environment Variables
  • vpn Command
  • vpn tu
  • Comparing SAs

Lab 5: Configure Site-to-Site VPNs with Third Party Certificates

  • Configuring Access to the Active Directory Server
  • Creating the Certificate
  • Importing the Certificate Chain and Generating Encryption Keys
  • Installing the Certificate
  • Establishing Environment Specific Configuration
  • Testing the VPN Using 3rd Party Certificates

Lab 6: Remote Access with Endpoint Security VPN

  • Defining LDAP Users and Groups
  • Configuring LDAP User Access
  • Defining Encryption Rules
  • Defining Remote Access Rules
  • Configuring the Client Side

Auditing and Reporting

SmartEvent

  • SmartEvent Introduction

SmartEvent Architecture

  • Component Communication Process
  • Event Policy User Interface

SmartReporter

  • Report Types

Lab 7: SmartEvent and SmartReporter

  • Configure the Network Object in SmartDashboard
  • Configuring Security Gateways to work with SmartEvent
  • Monitoring Events with SmartEvent
  • Generate Reports Based on Activities

 

 

 

Christofer Kalwal

I enrolled for CCNA and CCNP Course and got placed in Vodafone and Sunguard during the course itself. Thanks to I-Medita for encouraging and providing the platform. The Training was very good and trainers are well experienced.
Read More

Milky Rajput

Thanks to I-Medita Team. I got the job in Vodafone Pune after completion of my Multi-Track Job Oriented Course. The Training was very good and helped me a lot to get my first Job.
Read More

Naveen Kumar

I got my first job with Vodafone Pune after completing my Multi Track Course from I-Medita. Trainers are very good and knowledgeable. Labs are good and available all time time for practicals
Read More

Prantap Bharadwaj

I got placed in CSS Corp Chennai during my CCNP Training from I-Medita. The environment here is very good for learning. I would like to thank Saurabh Sir my trainer for helping me with the technical knowledge. My Experience here was really amazing. I would recommend this institute to other networking aspirants.
Read More

Mandovi Rajan

The courses proved to be very helpful and beneficial. I had enrolled myself for CCNA course at I-Medita and I am absolutely satisfied with the way it was conducted. The faculty is great and every student is given equal attention. The teachers relate the concepts to real life in order to make sure that we understand the concepts better.
Read More
Call or WhatsApp us

Contact Us

87-50-00-44-11
(Click to Call)

Let us Help you





Find us here

I-Medita
2nd Floor, Aditi Samruddhi Building,
Baner Road, Baner,
Pune - 411 045,
Maharashtra
Landmark: Near Baner Welcome Board

Helpline:

+91 - 875-000-4411

Email:

[email protected]

Connect with us