Publication date : 05/17/2024
Course : Check Point R81, network security, level 2
Practical course - 3d
- 21h00 - Ref. CPN
|
Download in PDF format
Share this course by email
 | Identity Awareness |
| Implementing a High Availability and Load Sharing cluster |
| Check quality of service (QoS) |
Intended audience
System/network/security administrators and engineers, technicians.
Prerequisites
Good knowledge of TCP/IP, IS security and Check Point's main functions, or knowledge equivalent to that provided by course ref. CPB. Experience desirable.
Course schedule
1 Identity Awareness and Application Control
- Advanced features.
- Useful CLI commands.
- On-the-fly certificate creation for HTTPS inspection.
Hands-on work
Implementation of Identity Awareness in various forms.
2 Acceleration modules
- Introducing CoreXL.
- Connection acceleration with SecureXL.
- SecureX module and HTTP session acceleration.
- Presentation of Optimized Drops and NAT Templates.
- SecureXL Dynamic Dispatcher.
- SecureXL and CoreXL operate simultaneously.
3 Check Point clustering
- Management Server high availability (Smartcenter HA).
- Firewall redundancy.
- ClusterXL High Availability (Active/Passive).
- ClusterXL Load Sharing (Active/Active).
- VMAC and ARP issues.
- SecureXL vs VRRP comparison.
Hands-on work
Setting up a High Availability and Load Sharing cluster.
4 VPN and advanced routing
- Debugging, routing and route-based VPN.
- Dynamic routing with the RIP, OSPF and BGP routing protocols.
- Wire Mode operating modes.
- VTI (Virtual Tunnel Interface).
- Directional VPN Route Match.
- Link Selection and VPN redundancy.
- Traditional/simplified VPN, Tunnel Management.
Hands-on work
Setting up Route-Based VPNs.
5 Advanced firewall
- Tools (Dbedit, guiDBedit).
- System files, log management.
- Implementation of CPInfo, Solr.
- Example of how InfoView and Confwiz are used.
- SIC, ICA and certificates.
- Operation of fw monitor and analysis with Wireshark. Implementation of tcpdump.
- Introducing CPsizeme, CPView.
Hands-on work
Use of debugging tools.
6 Software Blade Compliance
- Introducing Software Blade Compliance.
- Safety best practices.
7 Content Awareness and DLP
- Overview of Data Type Objects.
- Setting up a DLP Software Blade.
- Choice of DLP policy actions.
- Watermark management.
Hands-on work
Using Software Blade Content Awareness. Creating a Data Type object.
8 QoS
- Introducing Software Blade QoSAwareness.
- Implementation of DiffServ and low-latency classes (LLQ).
Hands-on work
Bandwidth control with Software Blade QoS.
PARTICIPANTS
System/network/security administrators and engineers, technicians.
PREREQUISITES
Good knowledge of TCP/IP, IS security and Check Point's main functions, or knowledge equivalent to that provided by course ref. CPB. Experience desirable.
TRAINER QUALIFICATIONS
The experts leading the training are specialists in the covered subjects. They have been approved by our instructional teams for both their professional knowledge and their teaching ability, for each course they teach. They have at least five to ten years of experience in their field and hold (or have held) decision-making positions in companies.
ASSESSMENT TERMS
The trainer evaluates each participant’s academic progress throughout the training using multiple choice, scenarios, hands-on work and more.
Participants also complete a placement test before and after the course to measure the skills they’ve developed.
TERMS AND DEADLINES
Registration must be completed 24 hours before the start of the training.
ACCESSIBILITY FOR PEOPLE WITH DISABILITIES
Do you need special accessibility accommodations? Contact Mrs. Fosse, Disability Manager, at psh-accueil@orsys.fr to review your request and its feasibility.
System/network/security administrators and engineers, technicians.
PREREQUISITES
Good knowledge of TCP/IP, IS security and Check Point's main functions, or knowledge equivalent to that provided by course ref. CPB. Experience desirable.
TRAINER QUALIFICATIONS
The experts leading the training are specialists in the covered subjects. They have been approved by our instructional teams for both their professional knowledge and their teaching ability, for each course they teach. They have at least five to ten years of experience in their field and hold (or have held) decision-making positions in companies.
ASSESSMENT TERMS
The trainer evaluates each participant’s academic progress throughout the training using multiple choice, scenarios, hands-on work and more.
Participants also complete a placement test before and after the course to measure the skills they’ve developed.
TEACHING AIDS AND TECHNICAL RESOURCES
• The main teaching aids and instructional methods used in the training are audiovisual aids, documentation and course material, hands-on application exercises and corrected exercises for practical training courses, case studies and coverage of real cases for training seminars.
• At the end of each course or seminar, ORSYS provides participants with a course evaluation questionnaire that is analysed by our instructional teams.
• A check-in sheet for each half-day of attendance is provided at the end of the training, along with a course completion certificate if the trainee attended the entire session.
• The main teaching aids and instructional methods used in the training are audiovisual aids, documentation and course material, hands-on application exercises and corrected exercises for practical training courses, case studies and coverage of real cases for training seminars.
• At the end of each course or seminar, ORSYS provides participants with a course evaluation questionnaire that is analysed by our instructional teams.
• A check-in sheet for each half-day of attendance is provided at the end of the training, along with a course completion certificate if the trainee attended the entire session.
TERMS AND DEADLINES
Registration must be completed 24 hours before the start of the training.
ACCESSIBILITY FOR PEOPLE WITH DISABILITIES
Do you need special accessibility accommodations? Contact Mrs. Fosse, Disability Manager, at psh-accueil@orsys.fr to review your request and its feasibility.