CCSA

This course is designed for students who are new to Checkpoint firewall and looking to expand their skill sets in network and secuirty domain. Candidates should have basic understaing on ip addressing, routing and switching technoilogies.

Upon completion of this course, students will be able to:

Explain the features and advantages of the checkpoint firewall architecture
Perform the basic & advance configuration of the firewall including:
- Checkpoint three tier Architecture
- Understating packet flow with NAT, policy , VPN operation
- Configuring interfaces, security policies
- Setting up detailed operation of NAT
- Overview of IPsec VPN technology
- Understating various tools including smart dashboard, smart view tracker, monitor, update etc..
- Authentication with identity awareness

Course content

Module 0 – Security basics & firewall technologies overview

Network security concepts explained
Enterprise security architecture – defense in depth / layered security architecture
Understanding various firewall technologies likes of :
- Packet filter firewall
- Application gateway firewall
- Stateful Inspection
- Next generation firewall
Basic understanding on Various application protocols including HTTP, FTP, DNS & DHCP

Module 1 – Checkpoint platform Architecture

Understanding on 3-tier architecture
- Security Gateway
- Security Management
- Smart Console tools
Secure internal communication (SIC)
Understating Anti spoofing and topology configuration in checkpoint
Design consideration with checkpoint security solution
Detailed checkpoint Packet flow

Module2 – Installation and Administration in virtual environment

Understanding standalone and distributed deployment architecture
Understanding IP address spoofing and security gateway topology
Understating checkpoint security rule base
- Implicit security policies
- Explicit security policies
- Rule base order
- Security policy designing best practices
Controlling multiple policy packages via single Security Management

Module3 – Network Address Translation

Overview on NAT requirements
Network address translation
- Source NAT
- Destination NAT
- Static NAT
- Dual NAT
Understating and implementation of NAT policies

Module 4 – Introduction of VPN

Overview of VPN technologies
- SSL VPN
- IPsec VPN
Understating on policy based vpn and its limitations
Route based VPN

Module 5 – Advanced administration & Configuration

Backup of Security gateway and Security management
- Crating snapshots
- Import export tool
- Database revision control
Understating checkpoint licensing using smart update
Understating checkpoint auditing and reporting tools
- Smart view tracker
- Smart event
- Smart reporter
Upgrade a clustered security gateway deployment
Consolidate multiple firewalls to single management platform
Understating basic checkpoint command line operation