Check Point Security Master

Check Point Security Master is an advanced technical 3-day course which teaches how to use advanced commands to configure and troubleshoot Check Point Security Systems.

Course Outline

  • Firewall-1 administration and infrastructure review

  • How policy changes impact chain module behavior

  • Identify management issues and problems with commands

  • Use commands to troubleshoot NAT stages

  • Configure Manual NAT to define specific rules

  • Use commands to review and clear connections table

  • Modify files to allow traffic through a specific cluster member

  • Locate the source of encryption failures using commands

  • Use commands to verify VPN connectivity

  • Identify any potentially mis-configured VPNs

  • Tune NIC performance

  • Increase size and improve hardware performance

  • Improve load capacity

  • Tune the firewall rule base

  • Reduce load on Rule Base application

  • Improve network performance

  • Improve logging efficiency

  • Use IPS Bypass to manage performance

  • Deploy IPv6 in a local envrionment

  • Identify differences between VPNs

  • Configure VPN Tunnel Interface (VTI)

  • Configure Open Shortest Path First (OSPF)

Lab Exercises Include:

  • Evaluate Chain Modules

  • Modify Security Policies

  • Examine how rules and objects affect optimization

  • Troubleshoot Secure Internal Communication issues

  • Identify a mis-configured rule

  • Identify the source of GUI client connectivity problems

  • Improve load capacity through optimization

  • Optimize network performance

  • Configure Manual NAT

  • Troubleshoot ClusterXL and SecureXL

  • Configure IPS to reduce false positives

  • Identify the speed of the system?s CPU

  • Identify connections in the ClusterXL debug file

  • Troubleshoot a mis-configured VPN

  • Identify VPN configuration problems

  • Identify acceleration status of current connections

  • Identify the source of an encryption failure


This course is recommended for Systems Administrators, Security Engineers, Network Engineers and CCSEs seeking higher certification. In addition, it is for customers and partners who want to learn the advanced skills to troubleshoot and configure Check Point Security Gateway and Management Software Blades.