Validate your understanding and skills necessary to configure and optimally manage Check Point Next Generation Firewalls
· General knowledge of TCP/IP
· Working knowledge of Windows, UNIX, networking, and the Internet
· Design and install a distributed environment and install a Security Gateway
· Create and configure network, host, and gateway objects
· Verify SIC establishment
· Create a basic rulebase in SmartDashboard
· Evaluate existing policies and optimize the rules
· Maintain the Security Management Server
· Use queries to monitor IPS and network traffic
· Use packet data to generate reports, troubleshoot system and security issues, and ensure network functionality
· Use SmartView Monitor to configure alerts
· Configure NAT rules on Web and Gateway servers
· Monitor remote Gateways using SmartUpdate
· Upgrade and attach product licenses using SmartUpdate
· Manage users and user access to the corporate LAN
· Use Identity Awareness to provide granular level access to network resources
· Acquire user information used by the Security Gateway to control access
· Define Access Roles for use in an Identity Awareness rule
· Implement Identity Awareness in the Firewall rulebase
· Configure certificate-based, site-to-site VPNs
· Configure permanent tunnels for remote access
· Configure VPN tunnel sharing
· Review the foundation of a query and build a custom query
Perform a backup of a Security Gateway and Management Server.
· Upgrade a Management Server..
· Perform debugs on Firewall processes.
· Build, test, and troubleshoot a ClusterXL Load Sharing deployment, a ClusterXL High Availability deployment, a management HA deployment on an enterprise network.
· Configure SecureXL and CoreXL acceleration.
· Troubleshoot a VRRP deployment on an enterprise network.
· Configure User Directory to incorporate user information.
· Manage internal and external user access.
· Troubleshoot a site-to-site or certificate-based using IKEView, VPN log files, and command line debug tools.
· Optimize VPN performance and availability by using Link Selection and MEP solutions.
· Manage and test corporate VPN tunnels.
· Provide corporate level protection to mobile devices using Check Point Capsule.
· Identify the four steps of emulation.
· Review the methods in which the Anti-Virus and Anti-Bot software blades prevent malware and bot infections.
· Set up a Threat Prevention profile.
· Review IPS profile properties.
· Review the available IPS protections and manipulate the action taken on packets when they match a threat.
· Generate reports on specific network traffic using SmartReporter and SmartEvent.