Course : CCSA, Check Point Certified Security Administrator R82, certification
Practical course - 4d
- 28h00 - Ref. CPH
|
Download in PDF format
Share this course by email
 | Installing and configuring Check Point R82 |
| Deploy and manage security policies |
| Implement address translation (NAT) |
| Manage licenses and contracts |
| Manage multi-site environments |
| Controlling administrative access |
| Monitor logs and network traffic |
| Configure HTTPS inspection and HTTP/3 support |
| Apply application control and URL filtering |
| Implementing VPNs and threat prevention |
Intended audience
System/network/security technicians, administrators and engineers.
Prerequisites
Good knowledge of TCP/IP. Basic knowledge of IT security.
Practical details
Hands-on work
Practical exercises: Installation of Check Point R82. SmartConsole installation. Creating objects. Creating a security policy.
Course schedule
1 Introduction to Check Point R82 architecture: Initial configuration
- Check Point products and R82 news.
- Introducing Gaia OS.
- Three-tier architecture, Software Blades and Check Point Infinity.
- Standalone vs. distributed modes.
- Presentation of the SIC protocol.
- CLI: command line interface.
- SmartConsole Web.
Exercise
Installation of Gaia in R82 on the management server and main gateway.
2 Security policy management
- Getting started with SmartConsole R82.
- Package inspection.
- Object creation and rules.
- Inline layers" policies (under rules).
Exercise
SmartConsole installation. Create objects. Create a security policy.
3 Address Translation (NAT)
- NAT static, dynamic, manual.
- ARP and routing issues.
- NAT rule implementation.
Exercise
Set up automatic static NAT, Hide and manual transaction rules.
4 Remote site and license management
- License types and management via SmartUpdate.
- Multi-site deployment and Policy Packages.
- Ordered Layers and policy sharing.
Exercise
Installation d’une passerelle distante, création d’une politique de sécurité (Policy Pack), et de règles de base pour le site distant.
Création et partage d’une « Ordered Layer ».
5 Administrator management
- Permission profiles.
- Concurrent sessions and administrator management.
Exercise
Creation of a new "Permission Profile" with limited authorizations.
6 Logs, monitoring and troubleshooting
- Connection tracking and alerts.
- Monitoring tools (CPView, SmartView Monitor).
- Introduction to troubleshooting (tcpdump, zdebug).
7 HTTPS inspection. Application control, URL filtering and maintenance
- Outbound/Inbound rules.
- Certificate and SNI management.
- Advanced HTTPS inspection features.
- App Control, URL Filtering, DNS Filtering. User Check.
- Backups (local and cloud), CPUSE, updates. The cpconfig command.
Exercise
Mise en oeuvre de l’inspection HTTPS.Filtrage Web et Applications : créer et partager la politique de « Filtrage Web et Applications » en tant que « Inline Layer » et « Ordered Layer ». Restauration de la configuration d’une passerelle.
8 Site-to-site VPN, threat prevention and high availability
- VPN architecture, IKE/IPSec, VPN routing.
- ClusterXL and redundancy (bonus).
Exercise
Utilisation de VPN-IPSec Inter-sites (Shared Secret)
et VPN-IPSec Inter-sites (Certificats).
9 Threat prevention
- Autonomous Threat Prevention (AI, ThreatCloud).
Exercise
Implementation of Autonomous Threat Prevention.
10 Clustering
- ClusterXL and redundancy.
Exercise
Implementation of ClusterXL in HA mode.
Options
Certification : 300 € HT
The certification is issued by Check Point Software Technologies. It validates the fundamental skills needed to administer Check Point security solutions. It lasts 90 minutes, and is based on a 90-question MCQ in English.
The certification option comes in the form of a voucher or invitation that will allow you to take the exam at the end of the training course.
PARTICIPANTS
System/network/security technicians, administrators and engineers.
PREREQUISITES
Good knowledge of TCP/IP. Basic knowledge of IT security.
TRAINER QUALIFICATIONS
The experts leading the training are specialists in the covered subjects. They have been approved by our instructional teams for both their professional knowledge and their teaching ability, for each course they teach. They have at least five to ten years of experience in their field and hold (or have held) decision-making positions in companies.
ASSESSMENT TERMS
The trainer evaluates each participant’s academic progress throughout the training using multiple choice, scenarios, hands-on work and more.
Participants also complete a placement test before and after the course to measure the skills they’ve developed.
TERMS AND DEADLINES
Registration must be completed 24 hours before the start of the training.
ACCESSIBILITY FOR PEOPLE WITH DISABILITIES
Do you need special accessibility accommodations? Contact Mrs. Fosse, Disability Manager, at psh-accueil@orsys.fr to review your request and its feasibility.
System/network/security technicians, administrators and engineers.
PREREQUISITES
Good knowledge of TCP/IP. Basic knowledge of IT security.
TRAINER QUALIFICATIONS
The experts leading the training are specialists in the covered subjects. They have been approved by our instructional teams for both their professional knowledge and their teaching ability, for each course they teach. They have at least five to ten years of experience in their field and hold (or have held) decision-making positions in companies.
ASSESSMENT TERMS
The trainer evaluates each participant’s academic progress throughout the training using multiple choice, scenarios, hands-on work and more.
Participants also complete a placement test before and after the course to measure the skills they’ve developed.
TEACHING AIDS AND TECHNICAL RESOURCES
• The main teaching aids and instructional methods used in the training are audiovisual aids, documentation and course material, hands-on application exercises and corrected exercises for practical training courses, case studies and coverage of real cases for training seminars.
• At the end of each course or seminar, ORSYS provides participants with a course evaluation questionnaire that is analysed by our instructional teams.
• A check-in sheet for each half-day of attendance is provided at the end of the training, along with a course completion certificate if the trainee attended the entire session.
• The main teaching aids and instructional methods used in the training are audiovisual aids, documentation and course material, hands-on application exercises and corrected exercises for practical training courses, case studies and coverage of real cases for training seminars.
• At the end of each course or seminar, ORSYS provides participants with a course evaluation questionnaire that is analysed by our instructional teams.
• A check-in sheet for each half-day of attendance is provided at the end of the training, along with a course completion certificate if the trainee attended the entire session.
TERMS AND DEADLINES
Registration must be completed 24 hours before the start of the training.
ACCESSIBILITY FOR PEOPLE WITH DISABILITIES
Do you need special accessibility accommodations? Contact Mrs. Fosse, Disability Manager, at psh-accueil@orsys.fr to review your request and its feasibility.
Dates and locations
Select your location or opt for the remote class then choose your date.
Remote class
Dernières places
Date garantie en présentiel ou à distance
Session garantie