Description
This training provides all the knowledge necessary for optimizing the application and setting up clustering and high availability mechanisms. It details the use of numerous advanced configuration options such as quality of service (QoS), redundancy, etc.
Who is this training for ?
For whom ?Technician, administrator and systems/networks/security engineer.
Prerequisites
Training objectives
Training program
- Check Point R75/R76 Update
- - Update compatibility.
- - Upgrade tools.
- - Presentation of Database Revision Control.
- - Practical work Installation systems and update to R75/R76.
- Identity Awareness et Application Control
- - The limits of a classic firewall by IP and by port.
- - Access control.
- - The four Identity Awareness R75 authentication methods/ R76.
- - Check Point 3D Security.
- - The "AppWiki".
- - The URL Filtering.
- - The HTTPS Inspection .
- - Practical work Implementation of Identity Awareness and Application Control.
- Le clustering Check Point
- - The high availability of the Management Server.
- - The redundancy of the firewalls.
- - The ClusterXL High Availability (Active/Passive).
- - The ClusterXL Load Sharing (Active/Active).
- - VMAC and ARP issues.
- - The VRRP.
- - SecureXL vs VRRP comparison.
- - Practical work Setting up a high availability cluster and Load Sharing.
- VPN and advanced routing
- - Debugging VPN.
- - VPN routing.
- - Route-Based VPN.
- - Dynamic routing with RIP routing protocols , OSPF and BGP.
- - Wire Mode operating modes.
- - Directional VPN Route Match.
- - Link Selection and VPN redundancy.
- - Traditional/simplified VPN.
- - Tunnel Management.
- - Practical work Setting up Route-Based VPN.
- Advanced Firewall
- - Tools: Dbedit and guiDBedit.
- - System files.
- - Log management.
- - How to use the CPinfo tool? Example of using "InfoView" and "Confwiz".
- - SIC, ICA and certificates.
- - Check Point processes.
- - The very powerful Tcpdump command line packet analyzer.
- - The fw monitor command.
- - Practical work Using debugging tools.
