Security Master (CCSM R77)(R77)

This course is intended for customers and partners who want to learn how to use advanced commands to configure and troubleshoot Check Point Security Systems. Multiple hands-on lab exercises teach how to bring optimization techniques back to your workplace.

Target audience:    
Technical professionals who support, install, deploy, or administer Check Point Software Blades    

  • CCSE certification or equivalent knowledge
  • Windows Server, UNIX and networking skills and TCP/IP experience
  • Working knowledge of network and internet technology

  • CP View
  • Kernel and User Mode Troubleshooting
  • Network Address Translation
  • Clustering
  • VPN Troubleshooting
  • Hardware Optimization
  • SecureXL Acceleration Debugging
  • IPS
  • IPv6
  • MDSM and VSX Debugging
  • Review the cpview command and its parameters
  • Navigate the CPView interface
  • Use fw ctl chain to observe chain modules. Observe how policy changes impact the chain
  • Use fw monitor to capture packets 
  • Use the fw debug process and debug infrastructures for user mode debugging
  • Review the Connections table using fw tab
  • Debug NAT issues using the fw ctl debug command
  • Perform port forwarding on a gateway
  • Configure port mapping services
  • Understand Client Side and Server Side NAT
  • Configure a proxy ARP for Manual NAT
  • Use cphaprob to monitor cluster status and troubleshoot state synchronization
  • Use vpn debug to debug site-to-site VPN
  • Use ethtool to tune NIC performance
  • Edit ARP Cache table to improve performance
  • Use command fw ctl pstat to improve load capacity
  • Use the fwaccel stat and fwaccel stats outputs to tune the firewall Rule Base
  • Configure CoreXL for specific CPU task assignment
  • Use fwaccel and sim to enable and disable accelerated traffic
  • Debug the FWAccel and SIM modules using the fwaccel dbg and sim dbg commands
  • Use IPS Bypass to manage performance
  • Configure IPS to reduce false positives
  • Deploy IPv6 in a local environment
  • Perform debug in the MDS and DMS environments using the mdsenv and fw debug commands
  • Debug the VSX management server using the fw debug command

Lab exercises:    
  • Working with CPView 
  • Viewing the Chain Modules
  • Troubleshooting Management Issues
  • Advanced Database Troubleshooting
  • Investigating NAT Issues
  • Alternative Methods of Translation
  • NAT for same IP Address Traffic
  • Troubleshooting ClusterXL
  • Troubleshooting VPN Issues
  • Hardware Optimization
  • Software Tuning and Optimization
  • Troubleshooting SecureXL
  • Working with CoreXL
  • Troubleshooting IPS
  • Implementing IPv6
  • Troubleshooting MDSM

This training prepares the student for the Check Point Certified Security Master (CCSM) exam.

Length:        3 days