Security Administrator (CCSA R77)(R77)

Course outline:                
Validate your understanding and skills necessary to configure and optimally manage Check Point Next Generation Firewalls. 
Check Point Security Administration provides an understanding of the basic concepts and skills necessary to configure Check Point Security Gateway and Management Software Blades. During this course you will configure a Security Policy and learn about managing and monitoring a secure network, upgrading and configuring a Security Gateway and implementing a virtual private network.


Target audience:  
Technical persons who support, install, deploy or administer Check Point
Software Blades should attend this course. This could include the following:

  • System Administrators
  • System and Network Engineers
  • Security Managers
  • Anyone seeking CCSA certification

Persons attending this course should have a working knowledge of networking concepts, Windows Server and/or UNIX, and experience with TCP/IP and the Internet.

Follow on course: Check Point Security Engineering (CCSE)



  • Introduction to Check Point Technology
  • Deployment Platforms
  • Introduction to the Security Policy
  • Monitoring Traffic and Connections
  • Network Address Translation
  • Using SmartUpdate
  • User Management and Authentication
  • Identity Awareness
  • Introduction to Check Point VPNs


Lab exercises:  
  • Install and configure Security Management Servers and Security Gateways 
  • Apply commands in the Command Line Interface 
  • Working with Administrators and performing backups.
  • Creating objects and rules 
  • Saving, installing and testing a Security Policy 
  • Defining new policies and combining them 
  • Creating DMZ related objects and rules 
  • Working with SmartView Tracker and SmartView Monitor 
  • Configuring and testing Hide and Static NAT 
  • Configuring and testing Identify Awareness 
  • Defining VPN domains and testing encryption 
  • Working with queries in SmartLog

  • Design and install a distributed environment and install a Security Gateway
  • Create and configure network, host, and gateway objects
  • Verify SIC establishment
  • Create a basic rulebase in SmartDashboard
  • Evaluate existing policies and optimize the rules
  • Maintain the Security Management Server
  • Use queries to monitor IPS and network traffic
  • Use packet data to generate reports, troubleshoot system and security issues, and ensure network functionality
  • Use SmartView Monitor to configure alerts
  • Configure NAT rules on Web and Gateway servers
  • Monitor remote Gateways using SmartUpdate
  • Upgrade and attach product licenses using SmartUpdate
  • Manage users and user access to the corporate LAN
  • Use Identity Awareness to provide granular level access to network resources
  • Acquire user information used by the Security Gateway to control access
  • Define Access Roles for use in an Identity Awareness rule
  • Implement Identity Awareness in the Firewall rulebase
  • Configure certificate-based, site-to-site VPNs
  • Configure permanent tunnels for remote access
  • Configure VPN tunnel sharing
  • Review the foundation of a query and build a custom query

This training prepares the student for the Check Point Certified Security Administrator exam.


3 days