COURSE GOAL

This course provides advanced knowledge, skills, and hands-on experience needed to deploy, manage, and monitor existing Quantum Security Environments. It teaches how to deploy Management HA, provide advanced policy management, configure Site-to-Site VPN, provide advanced security monitoring, upgrade a Security Gateway, use Central Deployment tool to install hotfixes, perform an import of a Primary Security Management Server, and Deploy ElasticXL Cluster.

Certification Exam

This course prepares for exam 156-315.82

Course Schedule

WHO SHOULD ATTEND?

Security Engineers / Analysts / Consultants / Architects who support Check Point products.

PREREQUISITES:

CCSA Training / Certification required, CPDA course suggested, fundamental Unix and Windows knowledge, system administration, networking knowledge and min. 6-months of practical experience
with the management of a Quantum Security Environment

COURSE TOPICS

• Management High Availability
• Advanced Policy Configuration
• Site-to-Site VPN
• Advanced Security Monitoring
• Upgrades
• Advanced Upgrades and Migrations
• ElasticXL Cluster

COURSE OBJECTIVES

• Explain the purpose of Management High Availability.
• Identify the essential elements of Management High Availability.
• Identify ways to enhance the Security Policy with more object types.
• Create dynamic objects to make policy updatable from the Gateway.
• Manually define NAT rules.
• Configure Security Management behind NAT.
• Discuss site-to-site VPN basics, deployment, and communities.
• Describe how to analyze and interpret VPN tunnel traffic.
• Understand how to authenticate with third-party and externally managed VPN Gateways.
• Explain Link Selection and ISP Redundancy options.
• Explain tunnel management features.
• Describe the SmartEvent and Compliance Blade solutions, including their purpose and use.
• Identify supported upgrade options.
• Export/import a Management Database.
• Upgrade a Security Management Server with a fresh deployment of the new release.
• Describe the ElasticXL Cluster solution, including its purpose and use.

LAB TASKS

• Deploy and configure Management High Availability
• Ensure the failover process functions as expected
• Use Updatable Objects
• Configure NAT for server and network objects
• Configure Management behind NAT for Branch Office connections
• Configure Site-to-Site VPN with internally managed Security Gateways
• Configure a SmartEvent Server to monitor relevant patterns and events
• Demonstrate how to configure Events and Alerts in SmartEvent
• Demonstrate how to run specific SmartEvent reports
• Activate the Compliance Blade
• Demonstrate Security Best Practice settings and alerts
• Demonstrate Regulatory Requirements Compliance Scores
• Upgrade a Security Gateway
• Use Central Deployment tool to install Hotfixes
• Prepare to perform an Advanced Upgrade with Database Migration
• Perform an import of a Primary SMS in a distributed Check Point environment
• Deploy an ElasticXL Security Gateway Cluster