Chapter 1: Introduction to Check Point Technology
Check Point Security Management Architecture (SMART)
- SmartConsole
- Security Management Server
- Security Gateway
The Check Point Firewall
- OSI Model
- Mechanism for controlling network traffic
- Packet Filtering
- Stateful Inspection
- Application Intelligence
Security Gateway Inspection Architecture
INSPECT Engine Packet Flow
- Deployment Considerations
- Standalone Deployment
- Distributed Deployment
- Standalone Full HA
- Bridge Mode
Check Point SmartConsole Clients
- SmartDashboard
- SmartView Tracker
- SmartLog
- SmartEvent
- SmartView Monitor
- SmartReporter
- SmartUpdate
- SmartProvisioning
- SmartEndpoint
Security Management Server
- Managing Users in SmartDashboard
- Users Database
Security Channels of Communication
- Secure Internal Communication
- Testing the SIC Status
- Resetting the Trust State
Lab 1: Distributed Installation
- Install Security Management Server
- Configure Security Management Server - WebUI
- Configuring the Management Server
- Install Corporate Security Gateway
- Configure Corporate Security Gateway - WebUI
- Configuring the Corporate Security Gateway
- Installing SmartConsole
Lab 2: Branch Office Security Gateway Installation
- Install SecurePlatform on Branch Gateway
- Configuring Branch Office Security Gateway with the First Time Configuration Wizard
- Configure Branch Gateway – WebUI
Chapter 2: Deployment Platforms
Check Point Deployment Platforms
- Security Appliances
- Security Software Blades
- Remote Access Solutions
Check Point Gaia
- History - Power of Two
- Gaia
- Benefits of Gaia
- Gaia Architecture
- Gaia System Information
Lab 3: CLI Tools
- Working in Expert Mode
- Applying Useful Commands in CLISH
- Add and Delete Administrators via the CLI
- Perform Backup and Restore
Chapter 3: Introduction to the Security Policy
Security Policy Basics
- The Rule Base
- Managing Objects in SmartDashboard
- SmartDashboard and Objects
- Object-Tree Pane
- Objects-List Pane
- Object Types
- Rule Base Pane
Managing Objects
- Classic View of the Objects Tree
- Group View of the Objects Tree
Creating the Rule Base
- Basic Rule Base Concepts
- Delete Rule
- Basic Rules
- Implicit/Explicit Rules
- Control Connections
- Detecting IP Spoofing
- Configuring Anti-Spoofing
Rule Base Management
- Understanding Rule Base Order
- Completing the Rule Base
Policy Management and Revision Control
- Policy Package Management
- Database Revision Control
- Multicasting
Lab 4: Building a Security Policy
- Create Security Gateway Object
- Create GUI Client Object
- Create Rules for Corporate Gateway
- Save the Policy
- Install the Policy
- Test the Corporate Policy
- Create the Remote Security Gateway Object
- Create a New Policy for the Branch Office
- Combine and Organize Security Policies
Lab 5: Configure the DMZ
- Create DMZ Objects in SmartDashboard
- Create DMZ Access Rules
- Test the Policy
Chapter 4: Monitoring Traffic and Connections
SmartView Tracker
- Log Types
- SmartView Tracker Tabs
- Action Icons
- Log-File Management
- Administrator Auditing
- Global Logging and Alerting
- Time Setting
- Blocking Connections
SmartView Monitor
- Customized Views
- Gateway Status View
- Traffic View
- Tunnels View
- Remote Users View
- Cooperative Enforcement View
Monitoring Suspicious Activity Rules
Gateway Status
- Overall Status
- Software Blade Status
- Displaying Gateway Information
SmartView Tracker vs. SmartView Monitor
Lab 6: Monitoring with SmartView Tracker
- Launch SmartView Tracker
- Track by Source and Destination
- Modify the Gateway to Active
- SmartView Monitor
Chapter 5: Network Address Translation
Introduction to NAT
- IP Addressing
- Hide NAT
- Choosing the Hide Address in Hide NAT
- Static NAT
- Original Packet
- Reply Packet
- NAT Global Properties
- Object Configuration - Hide NAT
- Hide NAT Using Another Interface
- Static NAT
Manual NAT
- Configuring Manual NAT
- Special Considerations
- ARP
Lab 7: Configure NAT
- Configure Static NAT on the DMZ Server
- Test the Static NAT Address
- Configure Hide NAT on the Corporate Network
- Test the Hide NAT Address
- Observe Hide NAT Traffic Using fw monitor
- Configure Wireshark
- Observe Traffic
- Observe Static NAT Traffic Using fw monitor
Chapter 6: Using SmartUpdate
SmartUpdate and Managing Licenses
- SmartUpdate Architecture
- SmartUpdate Introduction
- Overview of Managing Licenses
- License Terminology
- Upgrading Licenses
- Retrieving License Data from Security Gateways
- Adding New Licenses to the License & Contract Repository
- Importing License Files
- Adding License Details Manually
- Attaching Licenses
- Detaching Licenses
- Deleting Licenses From License & Contract Repository
- Installation Process
Viewing License Properties
- Checking for Expired Licenses
- To Export a License to a File
Service Contracts
- Managing Contracts
- Updating Contracts
Chapter 7: User Management and Authentication
Creating users and groups
Security Gateway Authentication
- Types of Legacy Authentication
- Authentication Schemes
- Remote User Authentication
- Authentication Methods
User Authentication
- User Authentication Rule Base
- Considerations
Session Authentication
- Configuring Session Authentication
Client Authentication
- Client Authentication and Sign-On Overview
- Sign-On Methods
- Wait Mode
- Configuring Authentication Tracking
LDAP User Management with UserDirectory
- LDAP Features
- Distinguished Name
- Multiple LDAP Servers
- Using an Existing LDAP Server
- Configuring Entities to Work with the Gateway
- Defining an Account Unit
- Managing Users
- UserDirectory Groups
Lab 8: Configuring User Directory
- Connect User Directory to Security Management Server
Chapter 8: Identity Awareness
Introduction to Identity Awareness
- AD Query
- Browser-Based Authentication
- Identity Agents
- Deployment
Lab 9: Identity Awareness
- Configuring the Security Gateway
- Defining the User Access Role
- Applying User Access Roles to the Rule Base
- Testing Identity Based Awareness
- Prepare Rule Base for Next Lab
Chapter 9: Introduction to Check Point VPNs
The Check Point VPN
VPN Deployments
- Site-to-Site VPNs
- Remote-Access VPNs
VPN Implementation
- VPN Setup
- Understanding VPN Deployment
- VPN Communities
- Remote Access Community
VPN Technologies
- Meshed VPN Community
- Star VPN Community
- Choosing a Topology
- Combination VPNs
- Topology and Encryption Issues
Special VPN Gateway Conditions
- Authentication Between Community Members
- Domain and Route-Based VPNs
- Domain-Based VPNs
- Route-Based VPN
Access Control and VPN Communities
- Accepting All Encrypted Traffic
- Excluded Services
- Special Considerations for Planning a VPN Topology
Integrating VPNs into a Rule Base
- Simplified vs. Traditional Mode VPNs
- VPN Tunnel Management
- Permanent Tunnels
- Tunnel Testing for Permanent Tunnels
- VPN Tunnel Sharing
Remote Access VPNs
- Multiple Remote Access VPN Connectivity Modes
- Establishing a Connection Between a Remote User and a Gateway
Lab 10: Site-to-site VPN Between Corporate and Branch Office
- Define the VPN Domain
- Create the VPN Community
- Create the VPN Rule and Modifying the Rule Base
- Test VPN Connection
- VPN Troubleshooting
Chapter 10: Upgrading
Backup and Restore Security Gateways and Management Servers
- Snapshot management
- Upgrade Tools
- Backup Schedule Recommendations
- Upgrade Tools
- Performing Upgrades
- Support Contract
Upgrading Standalone Full High Availability
Lab 1: Upgrading to Check Point R77
- Install Security Management Server
- Migrating Management Server Data
- Importing the Check Point Database
- Launch SmartDashboard
- Upgrading the Security Gateway
Chapter 11: Advanced Firewall
Check Point Firewall Infrastructure
Kernel Tables
- Connections Table
- Connections Table Format
Check Point Firewall Key Features
- Packet Inspection Flow
- Policy Installation Flow
- Policy Installation Process
- Policy Installation Process Flow
Network Address Translation
- How NAT Works
- Hide NAT Process
- Security Servers
- How a Security Server Works
- Basic Firewall Administration
- Common Commands
FW Monitor
- What is FW Monitor
- C2S Connections and S2C Packets
- fw monitor
Lab 2: Core CLI Elements of Firewall Administration
- Policy Management and Status
- Verification from the CLI
- Using cpinfo
- Run cpinfo on the Security Management Server
- Analyzing cpinfo in InfoView
- Using fw ctl pstat
- Using tcpdump
Chapter 12: Clustering and Acceleration
VRRP
- VRRP vs ClusterXL
- Monitored Circuit VRRP
- Troubleshooting VRRP
Clustering and Acceleration
- Clustering Terms
- ClusterXL
- Cluster Synchronization
- Synchronized-Cluster Restrictions
- Securing the Sync Interface
- To Synchronize or Not to Synchronize
ClusterXL: Load Sharing
- Multicast Load Sharing
- Unicast Load Sharing
- How Packets Travel Through a Unicast LS Cluster
- Sticky Connections
Maintenance Tasks and Tools
- Perform a Manual Failover of the FW Cluster
- VPN Capabilities
CoreXL: Multicore Acceleration
- Supported Platforms and Features
- Default Configuration
- Processing Core Allocation
- Allocating Processing Cores
- Adding Processing Cores to the Hardware
- Allocating an Additional Core to the SND
- Allocating a Core for Heavy Logging
- Packet Flows with SecureXL Enabled
Lab 3: Migrating to a Clustering Solution
- Installing and Configuring the Secondary Security Gateway
- Re-configuring the Primary Gateway
- Configuring Management Server Routing
- Configuring the Cluster Object
- Testing High Availability
- Installing the Secondary Management Server
- Configuring Management High Availability
Chapter 13: Advanced User Management
User Management
- Active Directory OU Structure
- Using LDAP Servers with Check Point
- LDAP User Management with User Directory
- Defining an Account Unit
- Configuring Active Directory Schemas
- Multiple User Directory (LDAP) Servers
- Authentication Process Flow
- Limitations of Authentication Flow
- User Directory (LDAP) Profiles
Troubleshooting User Authentication and User Directory (LDAP)
- Common Configuration Pitfalls
- Some LDAP Tools
- Troubleshooting User Authentication
Identity Awareness
- Enabling AD Query
- AD Query Setup
- Identifying users behind an HTTP Proxy
- Verifying there’s a logged on AD user at the source IP
- Checking the source computer OS
- Using SmartView Tracker
Lab 4: Configuring SmartDashboard to Interface with Active Directory
- Creating the Active Directory Object in SmartDashboard
- Verify SmartDashboard Communication with the AD Server
Chapter 14: Advanced IPsec VPN and Remote Access
Advanced VPN Concepts and Practices
- IPsec
- Internet Key Exchange (IKE)
- IKE Key Exchange Process – Phase 1/ Phase 2 Stages
Remote Access VPNs
- Connection Initiation
- Link Selection
Multiple Entry Point VPNs
- How Does MEP Work
- Explicit MEP
- Implicit MEP
Tunnel Management
- Permanent Tunnels
- Tunnel Testing
- VPN Tunnel Sharing
- Tunnel-Management Configuration
- Permanent-Tunnel Configuration
- Tracking Options
- Advanced Permanent-Tunnel configuration
- VPN Tunnel Sharing Configuration
Troubleshooting
VPN Debug
- vpn debug Command
- vpn debug on | off
- vpn debug ikeon | ikeoff
- vpn Log Files
- vpn debug trunc
- VPN Environment Variables
- vpn Command
- vpn tu
- Comparing SAs
Lab 5: Configure Site-to-Site VPNs with Third Party Certificates
- Configuring Access to the Active Directory Server
- Creating the Certificate
- Importing the Certificate Chain and Generating Encryption Keys
- Installing the Certificate
- Establishing Environment Specific Configuration
- Testing the VPN Using 3rd Party Certificates
Lab 6: Remote Access with Endpoint Security VPN
- Defining LDAP Users and Groups
- Configuring LDAP User Access
- Defining Encryption Rules
- Defining Remote Access Rules
- Configuring the Client Side
Chapter 15: Auditing and Reporting
Auditing and Reporting Process
- Auditing and Reporting Standards
SmartEvent
SmartEvent Architecture
- Component Communication Process
- Event Policy User Interface
SmartReporter
Lab 7: SmartEvent and SmartReporter
- Configure the Network Object in SmartDashboard
- Configuring Security Gateways to work with SmartEvent
- Monitoring Events with SmartEvent
- Generate Reports Based on Activities