Checkpoint - CCSA NGX (Management I)Rooman Technologies Pvt. Ltd.
Price on request
Checkpoint - CCSA NGX (Management I)
CCSA is a foundation level certification that validates a candidates ability to configure and manage fundamental implementations of Check Point's flagship product, FireWall-1, as an enterprise level Internet security solution to protect corporate networks. CCSA training by including an in depth study of encryption technologies and how to implement site-to-site VPNs.
Audience : System Administrators, Security Managers, Network Engineers and Individual seeking CCSA certification.
Key Benefits :
As a CCSA, security professionals possess the requisite skills to define and configure security policies that enable secure access to information across corporate networks.
Course Contents :
VPN-1 NGX Overview:
* How VPN-1 NGX Works.
* The INSPECT Engine.
* Packet Flow Through the INSPECT Engine.
* VPN-1 NGX Architecture.
* Distributed Deployments.
* SVN Foundation.
* Secure Internal Communications (SIC).
* SIC Between SmartCenter Servers, Components and Clients.
The Security Policy:
* Security Policy Defined.
* Security Policy Considerations.
* Detecting IP Spoofing and Configuring Anti-Spoofing.
* Configuring Multicast Access Control.
* Multicast Routing Protocols.
* Basic Rule Base Concepts.
* Cleanup Rule, Stealth Rule, Implicit / Explicit Rules.
* Verifying Implied Rules.
* Understanding Rule Base Order.
* Security Policy Command-Line Options.
* Advanced Rule base Functions.
* Object Cloning.
* Rule Base Management and optimization.
* Database-Revision Control and Policy Package Management.
Monitoring Traffic and Connections:
* SmartView Monitor Login.
* Monitoring Suspicious Activity Rules.
* Monitoring Alerts.
* Monitoring Traffic or Counters.
* Monitoring Remote Users.
* Eventia Reporter.
* Eventia Reporter Login.
* Report Types and Report Structure.
* Customizing Predefined Reports.
* Log Consolidation Process.
Network Address Translation:
* Understanding Network Address Translation.
* Dynamic NAT and Static NAT.
* Dynamic Ports and Port Assignment.
* Configuring Network Address Translation.
* IP Pool NAT.
* Dynamic NAT Object Configuration.
* Dynamic NAT Using Security Gateway Interface.
* Dynamic NAT Not Using Security Gateway Interface.
* Static NAT Object Configuration.
* Manual NAT.
* Active Defense.
* Components of SmartDefense.
* Enforcement Integrated with NGX.
* Management Integrated with SmartDashboard.
* SmartDefense Capabilities.
* Defenses Against Attacks.
* Implicit Defenses.
* Abnormal-Behavior Analysis.
* SmartDefense in Action.
* Anti-Spoofing Configuration Status.
* Denial-of-Service Attacks.
* Web Intelligence.
* User authentication and authentication parameters.
* Understanding the need for authentication.
* Deploying user authentication.
* Stealth authentication.
* Client and session authentication.
* Sign on methods.
* Deploying client authentication.
* Additional features of single sign on and client authentication.
* Deploying session authentication.
* Successful Authentication Tracking.
LDAP User Management with SmartDirectory:
* LDAP Servers.
* Introduction to Account Management.
* Lightweight Directory Access Protocol.
* Distinguished Name.
* Multiple LDAP Servers.
* Integrating LDAP with NGX.
* Exporting Users.
* Using an Existing LDAP Server.
* Using SmartDashboard to Manage LDAP Users.
* LDAP and User Manager Troubleshooting.
* Schema Checking.
* Using LDAP without implementing NGX Schema.
* NGX LDAP Server Communication.
Encryption and Virtual Private Networks (VPNs):
* How encryption works.
* VPN-1/FireWall-1 encryption schemes and algorithms.
* Encryption technologies.
* Using certificates.
* Certificate authority deployment.
* Backing Up for Disaster Recovery.
* Exporting User Database Only.
* Backing Up Using Export.
* Backup Steps.
* Backing Up Manually.
* Restoring SmartCenter Server on Windows 2003 Server.