Students will learn how to deploy Management High Availability, provide advanced policy management, configure Site-to-Site VPN, provide advanced security monitoring, upgrade a Security Gateway, use Central Deployment tool to install hotfixes, perform an import of a Primary Security Management Server, and Deploy ElasticXL Cluster.
ยท Explain the purpose of Management High Availability.
ยท Identify the essential elements of Management High Availability.
Lab Tasks
ยท Deploy and configure Management High Availability
ยท Ensure the failover process functions as expected
Module 2: Advanced Policy Management
ยท Identify ways to enhance the Security Policy with more object types.
ยท Create dynamic objects to make policy updatable from the Gateway.
ยท Manually define NAT rules.
ยท Configure Security Management behind NAT.
Lab Tasks
ยท Use Updatable Objects
ยท Configure Network Address Translation for server and network objects
ยท Configure Management behind NAT for Branch Office connections
Module 3: Site-to-Site VPN
ยท Discuss site-to-site VPN basics, deployment, and communities.
ยท Describe how to analyze and interpret VPN tunnel traffic.
ยท Articulate how pre-shared keys and certificates can be configured to authenticate with third-party and externally managed VPN Gateways.
ยท Explain Link Selection and ISP Redundancy options.
ยท Explain tunnel management features.
Lab Task
Configure Site-to-Site VPN with internally managed Security Gateways
Module 4: Advanced Security Monitoring
ยท Describe the SmartEvent and Compliance Blade solutions, including their purpose and use.
Lab Tasks
ยท Configure a SmartEvent Server to monitor relevant patterns and events
ยท Demonstrate how to configure Events and Alerts in SmartEvent
ยท Demonstrate how to run specific SmartEvent reports
ยท Activate the Compliance Blade
ยท Demonstrate Security Best Practice settings and alerts
ยท Demonstrate Regulatory Requirements Compliance Scores
Module 5: Upgrades
ยท Identify supported upgrade options.
Lab Task
ยท Upgrade a Security Gateway
ยท Use Central Deployment tool to install Hotfixes
Module 6: Advanced Upgrades and Migrations
ยท Export/import a Management Database.
ยท Upgrade a Security Management Server by freshly deploying the new release or using a new appliance.
Lab Task
ยท Prepare to perform an Advanced Upgrade with Database Migration on the Primary Security Management Server in a distributed environment
ยท Perform an import of a Primary Security Management Server in a distributed Check Point environment
Module 7: ElasticXL Cluster
ยท Describe the ElasticXL Cluster solution, including its purpose and use.
Lab Tasks
ยท Deploy an ElasticXL Security Gateway Cluster
ยท Unix-like and/or Windows OS
ยท Internet Fundamentals
ยท Networking Fundamentals
ยท Networking Security
ยท System Administration
ยท TCP/IP Networking
ยท Text Editors in Unix-like OS
ยท Minimum of 6-months of practical experience with the management of a Quantum Security Environment.
Check Point Courses
ยท Check Point Certified Security Administrator (required)
ยท Check Point Deployment Administrator (suggested)
ยท Security Analysts
ยท Security Consultants
ยท Security Architects
NIST/NICE Work Role Categories
ยท Implementation & Operation
ยท Protection & Defense
