Backup and Restore Security Gateways and Management Servers

  • Snapshot management
  • Upgrade Tools
  • Backup Schedule Recommendations
  • Upgrade Tools
  • Performing Upgrades
  • Support Contract

Lab 1: Upgrading to Check Point R77 (Upgrading Standalone Full High Availability)

  • Install Security Management Server
  • Migrating Management server Data
  • Importing the Check Point Database
  • Launch SmartDashboard
  • Upgrading the Security Gateway
  • Advanced Firewall Check Point Firewall Infrastructure
    • GUI Clients
    • Management
  • Security Gateway
    • User and Kernel Mode Processes
    • CPC Core Process
    • FWM
    • FWD
    • CPWD
    • Inbound and Outbound Packet Flow
    • Outbound Chain Modules
    • Columns in a Chain
    • Stateful Inspection
  • Kernel Tables
    • Connections Table
    • Connections Table Format
  • Check Point Firewall Key Features
    • Packet Inspection Flow
    • Policy Installation Flow
    • Policy Installation Process
  • Network Address Translation
    • How NAT Works
    • Hide NAT Process
    • Security Servers
    • How a Security Server Works
    • Basic Firewall Administration
    • Common Commands
  • FW Monitor
    • What is FW Monitor
    • C2S Connections and S2C Packets
    • fw monitor

Lab 2: Core CLI Elements of Firewall Administration

  • Policy Management and Status
  • Verification from the CLI
  • Using cpinfo
  • Run cpinfo on the Security Management Server
  • Analyzing cpinfo in InfoView

  • Using fwctlpstat
  • Using tcpdump
  • Clustering and Acceleration VRRP
    • VRRP vs ClusterXL
    • Monitored Circuit VRRP
    • Troubleshooting VRRP
  • Clustering and Acceleration
    • Clustering Terms
    • ClusterXL
    • Cluster Synchronization
    • Synchronized-Cluster Restrictions
    • Securing the Sync Interface
    • To Synchronize or Not to Synchronize
  • ClusterXL: Load Sharing
    • Multicast Load Sharing
    • Unicast Load Sharing
    • How Packets Travel Through a Unicast
    • LS Cluster
    • Sticky Connections
  • Maintenance Tasks and Tools
    • Perform a Manual Failover of the FW Cluster
    • Advanced Cluster Configuration
  • Management HA
    • The Management High Availability Environment
    • Active vs. Standby
    • What Data is Backed Up?
    • Synchronization Modes
    • Synchronization Status
  • SecureXL: Security Acceleration
    • What SecureXL Does
    • Packet Acceleration
    • Session Rate Acceleration
    • Masking the Source Port
    • Application Layer Protocol An Example with HTTP
    • HTTP 1.1
    • Factors that Preclude Acceleration
    • Factors that Preclude Templating
    • Session Acceleration
    • Packet Flow
    • VPN Capabilities
  • CoreXL: Multicore Acceleration
    • Supported Platforms and Features
    • Default Configuration
    • Processing Core Allocation
    • Allocating Processing Cores
    • Adding Processing Cores to the Hardware
    • Allocating an Additional Core to the SND
    • Allocating a Core for Heavy Logging
    • Packet Flows with SecureXL Enabled

Lab 3: Migrating to a Clustering Solution

  • Installing and Configuring the Secondary Security Gateway
  • Re-configuring the Primary Gateway
  • Configuring Management Server Routing
  • Configuring the Cluster Object
  • Testing High Availability
  • Installing the Secondary Management Server
  • Configuring Management High Availability
  • Advanced User Management
    • Active Directory OU Structure
    • Using LDAP Servers with Check Point
    • LDAP User Management with User Directory
    • Defining an Account Unit
    • Configuring Active Directory Schemas
    • Multiple User Directory (LDAP) Servers
    • Authentication Process Flow
    • Limitations of Authentication Flow
    • User Directory (LDAP) Profiles
  • Troubleshooting User Authentication and User Directory (LDAP)
    • Common Configuration Pitfalls
    • Some LDAP Tools
    • Troubleshooting User Authentication
  • Identity Awareness
    • Enabling AD Query
    • AD Query Setup
    • Identifying users behind an HTTP Proxy
    • Verifying there's a logged on AD user at the source IP
    • Checking the source computer OS
    • Using SmartView Tracker

Lab 4: Configuring Smart Dashboard to Interface with Active Directory

  • Creating the Active Directory Object in Smart Dashboard
  • Verify Smart Dashboard Communication with the AD Server
  • Advanced IPsec VPN and Remote Access
    • Advanced VPN Concepts and Practices
    • IPsec
    • Internet Key Exchange (IKE)
    • IKE Key Exchange Process Phase 1/ Phase 2 Stages
  • Remote Access VPNs
    • Connection Initiation
    • Link Selection
  • Multiple Entry Point VPNs
    • How Does MEP Work
    • Explicit MEP
    • Implicit MEP
  • Tunnel Management
    • Permanent Tunnels
    • Tunnel Testing
    • VPN Tunnel Sharing
    • Tunnel-Management Configuration
    • Permanent-Tunnel Configuration
    • Tracking Options
    • Advanced Permanent-Tunnel configuration
    • VPN Tunnel Sharing Configuration
  • Troubleshooting
    • VPN Encryption Issues
    • VPN Debug
    • vpn debug Command
    • vpn debug on | off
    • vpn debug ikeon |ikeoff
    • vpn Log Files
    • vpn Command
    • vpntu
    • Comparing SAs

Lab 5: Configure Site-to-Site VPNs with Third Party Certificates

  • Configuring Access to the Active Directory Server
  • Creating the Certificate
  • Importing the Certificate Chain and Generating Encryption Keys
  • Installing the Certificate
  • Establishing Environment Specific Configuration
  • Testing the VPN Using 3rd Party Certificates

Lab 6: Remote Access with Endpoint Security VPN

  • Defining LDAP Users and Groups
  • Configuring LDAP User Access
  • Defining Encryption Rules
  • Defining Remote Access Rules
  • Configuring the Client Side
  • Auditing and Reporting SmartEvent
    • SmartEvent Introduction
  • SmartEvent Architecture
    • Component Communication Process
    • Event Policy User Interface
  • SmartReporter
    • Report Types

Lab 7: SmartEvent and SmartReporter

  • Configure the Network Object in SmartDashboard
  • Configuring Security Gateways to work with SmartEvent
  • Monitoring Events with SmartEvent
  • Generate Reports Based on Activities