Checkpoint Firewall

By Vikas Rajpal

Network & Security technologies „ Why Network security „ Type of Threats „ Security technologies „ Basics on static routing and VLANS „ Advance TCP/IP concepts „ Review „ Question Answer session .Agenda – Day1 „ Introduction „ Basics .

Agenda – Day2 „ What is Firewall ? … Why we need firewall. … Limitation of firewalls „ Introduction of Checkpoint Firewall … Checkpoint Product overview … Architecture in detail and various components … Licensing brief … Checkpoint deployment scenarios LAB 1 9Basic checkpoint installation on Windows platform . … Different Firewall technologies.

Agenda – Day3 „ Overview of SPLAT and basic commands „ Understanding Network Address translation … Dynamic NAT … Static NAT … Manual NAT „ Review „ Question Answer session 9Basic checkpoint installation on SPLAT platform – LAB 2 Distributed environment 9Initial configuration of checkpoint gateway .

Day4 „ Security Policy defined … Implicit and explicit rules.NAT and Security 9Command line administration and management controls .Agenda:. … Understanding rule base order & Rule base management … Policy command line options „ Monitoring traffic and connections „ User Authentication „ Review & Question Answer session 9Defining Basics objects 9Configuring Antispoofing controls on gateway LAB 3 9Defining basic rules .

Agenda – Day5 „ Smart Defense „ Encryption and VPN … How encryption works … IKE encryption „ LDAP user management „ Disaster Recovery „ Review & Question Answer session 9Configuring User. Client and session authentication LAB 4 9Configuring LDAP Authentication with smartDirectory 9Backup and restore – Disaster recovery .

„ Successfully adapt NAT rules „ Successfully demonstrate ability to authenticate users „ Understanding on encryption & VPN technology „ Successful Recovery of firewall in case on any disaster „ Troubleshoot the issues with tools like TcpDump & FW monitor . Smart View Tracker … Smart View Reporter. you should be able to:- „ Understanding on various threats & end to end security technologies. „ Successful installation and configuration of checkpoint firewall „ How to use following graphical user interface … Smart Dashboard.. „ Discuss the pros and cons of different firewall technologies. „ Understand what technologies firewalls typically employ. Smart update etc.By the end of this training.

Lab Scenario -1 .

„ Define basic objects in checkpoint.e. „ Verifying the security policy and address translation in Smart view tracker. „ Configuring anti-spoofing and basic security rule base. „ Configuring Hide and Static NAT using both Automatic and manual NAT as per defined security policy. ™Publish internal servers on internet i. Scenario -1 Activities „ NGX distributed installation i. Firewall module on SPLAT and management center on Windows platform. . Security Policy:- ™Internal /LAN users should be able to access internet services through proxy server. ™LAN users should be able to access FTP/SMTP/MSTSC though firewall.e internet users should be able to browse internal resources.

Lab Scenario -2 .

. „ Configuring user. ™Publishing one of DMZ server on internet with non standard port – Original port should be hidden from external users. Scenario -2 Activities „ Defining user templates and setting authentication parameters. ™LAN users should be able to access FTP/SMTP/MSTSC through firewall module ™Publishing of DMZ server on internet i. internet users should be able to browse internal resources. „ Policy based static NAT to access DMZ serves. client and session authentication using both checkpoint local and active directory database „ Advance Rule base function with object cloning and database revision control.e. Security Policy:- ™Internal /LAN users should be able to access internet services through proxy server through user. client and session authentication.

Lab Scenario -3 .

™Corporate users should be able to access the internal resources through internet using IPsec VPN. Scenario -3 Activities „ Scenario 1 and 2 activities. „ Client to site virtual private network using secure remote / client „ Troubleshooting and debugging using tcpdump and Fw. „ Backup and restore for Disaster recovery. . „ Blocking intruder activities through smart view tracker and checking status in smart view monitor.monitor tools Security Policy:- ™LAN and remote users should be able to access internet through proxy server and directly via firewall.

Very strong troubleshooting and analytical skills.govil. Cisco PIX .e. CEH. CCSE. Engineer network security at TechM Three years of Hands on experience in managing checkpoint Mail:.VPN & Radware certified. Faculty Vikas Rajpal – Consultant presales security at IRIS 5 Years of experience in implementation and designing of end to end security technologies with various certifications i. Contact details:- Vikas Rajpal Govil Rajpal Mobile:. CCSA. Contact details:. ISO 27001 LA. Govil Rajpal – Sr.rajpal@gmail.9810890614 Mobile:.9871120103 .

„ 24*7 Lab facility . „ Job Assistance for both fresher as well as professional. „ Customized course material with more emphasis on troubleshooting tools and various real scenarios „ Guidance and assistance to crack interviews and certification exams.Why We ? „ Highly Qualified and experienced faculty with Strong theoretical as well as practical knowledge.

S-9 Second floor.Enigma Gym and Spa .. Dwarka Landmark .Thanks Shop no:. 10 Sector 10 market. Manish Plaza II. Plot no.