CCSM: Check Point Security Master

Course Outline

• Obtain a deeper knowledge of the Security Management Architecture.
• Understand how the Security Management Server uses key processes and debugs.
• Review how objects are represented in the database.
• Understand how GuiDBedit operates.
• Understand how to use fw monitor to capture packets.
• Discuss how to enable and use core dumps when a User mode process crashes.
• Understand how to troubleshoot and debug SmartConsole issues.
• Understand how to troubleshoot and debug NAT issues using Gaia commands.
• Understand Client Side and Server Side NAT.
• Describe how to configure port mapping services.
• Recognize how to debug VPN-related issues.
• Understand how to debug HTTPS Inspection related issues.
• Understand how to troubleshoot and debug Content Awareness issues.
• Understand how to troubleshoot Anti-Bot and Antivirus issues.
• Discuss how to use IPS Bypass to manage performance issues.
• Understand how to configure IPS to reduce false positives.
• Understand how to evaluate hardware configurations for optimal performance.
• Discover additional tools to assist in monitoring CPU utilization.
• Understand how to monitor cluster status and work with critical devices.
• Recognize how to use fwaccel and sim to enable and disable accelerated traffic.
• Understand how to configure CoreXL to enhance Security Gateway performance.
• Understand how to deploy IPv6 in a local environment

Lab Exercises Include:

• Perform Solr database queries and review the results.
• Use debug files to troubleshoot SmartConsole.
• Use debug commands to explore common management issues.
• Demonstrate how to troubleshoot two methods of Automatic NAT.
• Demonstrate how to manually configure NAT.
• Configure port mapping of services as an alternative to performing NAT.
• Use vpn debug tools to identify issues that may have occurred during encryption
• Manipulate IPS settings to enhance performance and reduce false positives.
• Evaluate network security conditions using the Check Point CheckMe tool.
• Use policy settings to improve performance of Security Gateways.
• Tune the Security Policy for improved Security Gateway performance
• Evaluate the Security Gateway cluster conditions by examining the debug files.
• Demonstrate how to manage connections in a clustered environment.
• Demonstrate how to debug Security Management Server synchronization
• Demonstrate how to identify the cause of acceleration related issues.
• Demonstrate how to configure advanced CoreXL settings
• Define and test communication in an IPv6 environment