This bundle course covers the following two Check Point training courses:

• Check Point Certified Security Expert (CCSE) R81.20 (3 days)
• Check Point Certified Troubleshooting Expert (CCTE) R81.20 (2 days)

The CCSE R81.20 part of the course covers the fundamentals needed to deploy, configure, and manage daily operations of Check Point Security Gateways and Management Software Blades that run on the Gaia operating system.

The CCTE R81.20 part of the course

provides advanced troubleshooting skills to investigate and resolve more complex issues that may occur while managing your Check Point security environment.

CCSE R81.20

• Identify basic interfaces used to manage the Check Point environment.
• Identify the types of technologies that Check Point supports for automation.
• Explain the purpose of the Check Management High Availability (HA) deployment.
• Identify the workflow followed to deploy a Primary and solution Secondary servers.
• Explain the basic concepts of Clustering and ClusterXL, including protocols, synchronization, connection stickyness.
• Identify how to exclude services from synchronizing or delaying synchronization.
• Explain the policy installation flow.
• Explain the purpose of dynamic objects, updatable objects, and network feeds.
• Understand how to manage user access for internal and external users.
• Describe the Identity Awareness components and configurations.
• Describe different Check Point Threat Prevention solutions.
• Articulate how the Intrusion Prevention System is configured.
• Obtain knowledge about Check Point’s IoT Protect.
• Explain the purpose of Domain-based VPNs.
• Describe situations where externally managed certificate authentication is used.
• Describe how client security can be provided by Remote Access.
• Discuss the Mobile Access Software Blade.
• Explain how to determine if the configuration is compliant with the best practices.
• Define performance tuning solutions and basic configuration workflow.
• Identify supported upgrade and migration methods and procedures for Security Management Servers and dedicated Log and SmartEvent Servers.
• Identify supported upgrade methods and procedures for Security Gateways.

CCTE R81.10

• Identify and use Linux-based and Check Point commands and tools for system monitoring, file editing, and file viewing.
• Identify and use the appropriate troubleshooting and debug commands/tools to resolve advanced Management Server and API Server issues.
• Investigate and troubleshoot traffic or security-related issues using logs and events monitoring tools.
• Identify and use the appropriate troubleshooting and debug commands/tools to resolve advanced Security Gateway issues.
• Demonstrate an understanding of advanced troubleshooting tools and techniques for kernel debugging.
• Identify and use the appropriate troubleshooting and debug commands/tools to resolve advanced Access Control issues.
• Identify and use the appropriate troubleshooting and debug commands/tools to resolve advanced Identity Awareness issues.
• Identify and use the appropriate troubleshooting and debug commands/tools to resolve advanced Site-to-Site VPN Troubleshooting issues.
• Identify and use the appropriate troubleshooting and debug commands/tools to resolve advanced Client-to-Site VPN Troubleshooting issues.

Topics:

CCSE R81.20

• Advanced Deployments
• Management High Availability
• Advanced Gateway Deployment
• Advanced Policy Configuration
• Advanced User Access Management
• Custom Threat Protection
• Advanced Site-to-Site VPN
• Remote Access VPN
• Mobile Access VPN
• Security Monitoring
• Performance Tuning
• Advanced Security Maintenance

CCTE R81.20

• Introduction to Advanced Troubleshooting
• Advanced Management Server Troubleshooting
• Advanced Troubleshooting with Logs and Events
• Advanced Gateway Troubleshooting
• Advanced Firewall Kernel Debugging
• Advanced Access Control Troubleshooting
• Advanced Identity Awareness Troubleshooting
• Advanced Site-to-Site VPN Troubleshooting
• Advanced Client-to-Site VPN Troubleshooting

Exercises:

CCSE R81.20

• Navigating the Environment and Using the Management API
• Deploying Secondary Security Management Server
• Configuring a Dedicated Log Server
• Deploying SmartEvent
• Configuring a High Availability Security Gateway Cluster
• Working with ClusterXL
• Configuring Dynamic and Updateable Objects
• Verifying Accelerated Policy Installation and Monitoring Status
• Elevating Security with HTTPS Inspection
• Deploying Identity Awareness
• Customizing Threat Prevention
• Configuring a Site-to-Site VPN with an Interoperable Device
• Deploying Remote Access VPN
• Configuring Mobile Access VPN
• Monitoring Policy Compliance
• Reporting SmartEvent Statistics
• Tuning Security Gateway Performance

CCTE R81.20

• Collect and read live and historical CPView data.
• Troubleshoot CPM and SmartConsole login issues.
• Restore a Management High Availability environment from a temporary Primary Down condition.
• Troubleshoot SmartLog processes.
• Collect and interpret user mode debugs.
• Collect and interpret kernel debugs.
• Debug Unified Policy Inspection in kernel to understand match process.
• Debug the Identity Awareness user mode processes.
• Collect and interpret Site-to-Site VPN Debugs.
• Collect and interpret Remote Access VPN Debugs.

• Technical Professionals who architect, upgrade, maintain, and support Check Point products.
• Security experts and Check Point resellers who desire to obtain the necessary knowledge required to perform more advanced troubleshooting skills while managing their security environments.

• Working knowledge of UNIX and/or Windows operating systems,
• Working knowledge of Networking,
• TCP/IP, z,
• CCSE training/certification,
• Advanced knowledge of Check Point Security Products.