Checkpoint Firewall | CCSA R81.10 | Suspicious Activity Monitoring (SAM) Rules | LAB

https://nettechcloud.com
[Instructor Manoj Verma CCIE-43923]
For complete Course Visit us at
https://nettechcloud.com/courses/ccsa...


CHECK POINT CERTIFIED SECURITY ADMINISTRATOR (CCSA)- R81
COURSE TOPICS:

Module 1: Overview of Firewall Technologies
What is a Firewall
Firewall Technologies
Legacy or Traditional Firewalls
Next Generation Firewalls

Module 2: Introduction to Checkpoint Technology
Security Management Architecture – SMART
Checkpoint Core Systems – 3 Tier Architecture
Secure Internal Communication – SIC
Internal Certificate Authority – ICA
Initializing trust

Module 3: Checkpoint Security Solutions and Licensing
Software Blade Architecture
Security Gateway Software Blades
Management Server Software Blades
Licensing overview

Module 4: Checkpoint Firewall Deployment
Deployment Platforms
Checkpoint Gaia OS
Standalone Deployment
Distributed Deployment

Module 5: Gaia OS Installation and Configuration
Preparing for LAB
Gaia OS Installation
Initial Configuration – WebUI
Downloading and Installing Smart Console

Module 6: Secure Internal communication (SIC)
Smart console access to management Server
Creating Security gateway object
SIC establishment
Verifying Policy installation

Module 7: Anti spoofing
Understanding IP spoofing
Prevention and tracking
Network group

Module 8: Security Policy Management
Security Policy Basics
Implicit and Explicit Security rules
Publishing Security Policy
Installing Security Policy

Module 9: Logging and Monitoring
Security and Audit Logs
Smart View Monitor
Monitoring Traffic and Connections

Module 10: HTTPS Inspection
SSL Handshake
Digital Certificate
Inbound and outbound Inspection
Enabling HTTPS Inspection
HTTPS Inspection Policy

Module 11: Application Control and URL Filtering
Application and URL Filtering Blades
Editing Policy Layer
Creating Security Rule
Monitoring Application and URL Filtering

Module 12: Zone Based Security Rule
Understanding Security Zone
Creating Zone Based security Rule

Module 13: Inline Layer Policy
Benefits of Inline Layer Policy
Creating Inline Layer Policy

Module 14: Suspicious Activity Rules
Understanding SAM Rule
Creating SAM Rule from Smart View Monitor

Module 15: Network Address Translation – NAT
Introduction to NAT
Types of NAT – Static and Hide NAT
Automatic Vs Manual NAT
Manual Proxy ARP – Local.arp
NAT – Global Properties

Module 16: Managing User Access
Identity Awareness
Methods for Acquiring Identity
Light Weight Directory Access Protocol – LDAP

Module 17: Threat Prevention Solution
Threat Prevention Components
Threat Prevention Profiles

Module 18: Intrusion Prevention System (IPS)
IPS Software Blade
IPS Protection

Module 19: Anti Virus and Anti Bot
Anti Virus
Anti Bot

Module 20: Sand Blast
Sandblast – Threat Emulation
Sandblast – Threat extraction

Module 21: Adding a Second Security Gateway
Creating Security Rule for SIC
Control connections and NAT
Policy Packages

Module 22: Virtual Private Network
VPN Overview
IPsec site to site VPN
Internet Key Exchange (IKE)
Phase 1 and Phase 2 Tunnels
Domain Based VPN Vs Route Based VPN
VPN Community and Domain

Module 23: IPsec site to Site VPN Configuration
Creating VPN Community
Encryption Domains
IKE Phase 1 and Phase 2 Attributes

Module 24: IPsec S2S VPN between Checkpoint and Cisco
Configuring Cisco Router
Interoperable Device Object
Checkpoint Gateway Configuration

Module 25: Troubleshooting IPsec VPN
VPN Debug
Analyzing debug log with Ikeview tool

Module 26: Remote Access VPN
Clientless Vs Client based
SSL VPN
Split Tunnelling

Module 27: Backup and Snapshot
Database Revisions
Backup and Restore
Snapshot and Revert

Module 28: CLI and Troubleshooting
Clish and Bash (Expert Mode)
Important commands
TCPDUMP and fw monitor

Module 29: Packet Flow
#CheckpointFirewall #CCSAR81 #samrules