Год выпуска: 2013
Производитель: CBT Nuggets
Сайт производителя: http://www.cbtnuggets.com/
Автор: Keith Barker
Продолжительность: 8 часов
Тип раздаваемого материала: Видеоурок
This Check Point CCSA video training course with Keith Barker covers how to configure and manage a Check Point deployment.
Related Area of Expertise:
Basic knowledge of networking
Basic Windows or Linux skills
Virtualization S/W such as VBox or VMware
Check Point CCSA (Check Point Certified Administrator)
Check Point CCSE (Check Point Certified Security Expert)
Related Job Functions:
Install Check Point Managers and Gateways
Manage Network Address Translation (NAT)
Configure security policies
Backup and restore
Troubleshoot network connections
Perform LDAP/AD integration
Enable Identity awareness
Enforce Application control and URL filtering
Configure IPsec VPNs
In this Nugget, Keith introduces you to the course and shares with you how to get the most out of this Check Point training.
2. Check Point Fundamentals (16 min)
In this Nugget, Keith shares with you the Architecture that Check Point uses, including an overview of filtering methods and operating systems (past and present) that we may see in a CP deployment. This video includes OPT-out questions, providing you the opportunity to "test out" of this video and move directly to the next one.
3. Installing GAiA (31 min)
We need to have the Check Point OS installed before we can configure it. In this Nugget, join Keith as you install GAiA R76 to create a Manager and Gateway device in a distributed implementation. The topology diagram is available as part of the NuggetLab files for this course.
4. Linking the Manager & Firewall (26 min)
In this Nugget, join Keith as IP addresses are configured on the Gateway, banners are set and SmartConsole software is downloaded from the Manager server to the PC. The use of SmartDashboard to create Gateway, Host and Network objects is demonstrated, along with linking the Manager to the Gateway. You are encouraged to practice along side of Keith each step of they way, as you build your Check Point skills.
5. Pushing Policy (34 min)
In this Nugget, you join Keith to create objects and policies on the Manager using SmartDashboard, and then push those policies out to the Gateway. Command Line Interface (CLI) tools will also be demonstrated in verifying the current policy that is in use on a Firewall.
6. NAT (34 min)
Network Address Translation (NAT) is a key feature for any Firewall. In this Nugget, Keith explains and demonstrates implementing Static and Dynamic NAT, including "Hide" NAT on a Check Point firewall. Concepts of Source/Destination NAT are also explained and demonstrated.
7. Policy Packages & Database Versions (32 min)
Managing multiple firewalls, and being able to restore from a previous configuration are critical skills, and in this Nugget, you join Keith as he teaches and demonstrates both techniques.
8. SmartView Tracker (28 min)
Sorting through log and accounting files has never been so much fun! Seriously. This Nugget demonstrates the features of SmartView Tracker and managing Log files and configure settings that control them. You are encouraged to practice alongside of Keith using either the a practice lab topology you have created, or by using SmartDashboard in "demo" mode.
9. SmartView Monitor (20 min)
Need to know what the real-time flows of traffic are through a gateway, or what the top talkers are on your network? SmartView Monitor delivers that information and much much more, including the ability to implement real-time blocking of traffic to stop an immediate threat.
10. LDAP (22 min)
Using a centralized user database, such as LDAP can save the time and effort of recreating users inside of Check Point. In this Nugget, Keith walks you through configuring access to an LDAP database using an LDAP account unit. Windows Server 2012 is used in this video as the LDAP server.
11. Identity Awareness (35 min)
The Gateway can allow access based on details such as which subnet a customer is using, who that user is and even what machine they are using. This feature is called Identity Awareness. An additional benefit is that the log files can also include the usernames associated with network activity. In this Nugget, Keith walks you through enabling, testing and verifying Identity Awareness.
12. App Control and URL Filtering (31 min)
Application layer awareness and the ability to control traffic at that level is a very bright star in the Check Point galaxy. In this Nugget, Keith demonstrates how to enable the features, configure policy based on web site category, the application payload, or both.
13. HTTPS Inspection (26 min)
When the gateway needs to analyze application layer traffic, it is tough to do so if that payload is encrypted using SSL/TLS. In this Nugget, join Keith as you learn how the firewall can act as a man-in-the-middle, between a client and final SSL server using HTTPS inspection.
14. CLI (27 min)
The Command Line Interface may be the only way to recover a gateway that is unable to communicate with its manager. In this Nugget, Keith introduces a few CLI modes and commands for backup and restore, re-establishing SIC, checking on status, and much more.
15. IPsec VPNs (Site to Site) (36 min)
Everyone deserves a little confidentiality, and the encryption used by IPsec provides just that (along with authentication and data integrity too). In this Nugget, Keith walks you through the concepts and protocols used by IPsec, and then demonstrates implementing a site to site IPsec VPN between FW1 and FW2. Verification and troubleshooting using CLI and GUI tools also are demonstrated.
16. Backup and Recovery (16 min)
The question isn't IF you will need to restore from a backup, but rather WHEN! In this Nugget, Keith shares with you several backup methods, including what is backed up and which tools(CLI, WebGUI, DashBoard) are supported for each method (revisions, backups, images).
17. Smart Update (14 min)
Having a tool that can assist in the remote updates of licenses, patches, and OS fixes is useful. Fortunately, that tool is provided in a Check Point system and is called SmartUpdate. In this Nugget, Keith introduces what it can do and demonstrates how to use it.
18. Additional Check Point Features (27 min)
In this Nugget, Keith introduces you to some of the additions software blades, and VPN options available in a Check Point network. Legacy user authentication (user, client, session) is presented along with how to configure it as part of a firewall rule.
19. CCSA Exam Success (16 min)
Here are some tips from Keith about having a successful CCSA certification exam. Thanks for watching the CCSA Check Point course!
Видео: H264-MPEG4, 1280x720, 500kbps, 16:9, 15 fps,
Аудио: MPEG AAC, Stereo, 22,5 KHz