Scribd Logo
Upload

Welcome to Scribd!

  • Curso CCSA - Aula 10 - V1.0

    Uploaded by

    seid
    13 views40 pages
    The document discusses topics for a Check Point CCSA certification course, including VPN configuration between Check Point and third-party firewalls, backup methods like snapshots and system backups, upgrade paths, useful commands, and labs on snapshots, backups and migration tools. It also covers the CCSA certification exam process, including scheduling, topics covered in the official course, associated lab exercises, and the official study guide.

    Original Description:

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    The document discusses topics for a Check Point CCSA certification course, including VPN configuration between Check Point and third-party firewalls, backup methods like snapshots and system backups, upgrade paths, useful commands, and labs on snapshots, backups and migration tools. It also covers the CCSA certification exam process, including scheduling, topics covered in the official course, associated lab exercises, and the official study guide.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    13 views40 pages

    Curso CCSA - Aula 10 - V1.0

    Uploaded by

    seid
    The document discusses topics for a Check Point CCSA certification course, including VPN configuration between Check Point and third-party firewalls, backup methods like snapshots and system backups, upgrade paths, useful commands, and labs on snapshots, backups and migration tools. It also covers the CCSA certification exam process, including scheduling, topics covered in the official course, associated lab exercises, and the official study guide.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 40

    Preparatório para a certificação

    Checkpoint CCSA - Aula 10

    VPN, Backup, Upgrade e


    Certificação CCSA

    Cícero Campelo | cicero@cloudcampus.com.br


    OBJETIVO DE AULA

    • VPN
    – VPN IPSec Site-to-Site Check Point x Third Party
    • Backup
    – Snapshot
    – System Backup
    – upgrade_export / upgrade_tools
    • Upgrade Paths
    • Comandos úteis
    • Lab 24 – Snapshot e System Backup
    • Lab 25 – migration_tools
    • Certificação CCSA
    – Agendamento / Tópicos e Labs / Guia de Estudo

    www.CloudCampus.com.br 2
    VPN IPSec Site-toSite
    Check Point x Third Party

    www.CloudCampus.com.br 3
    Check Point x Third Party
    Topologia Check Point

    www.CloudCampus.com.br 4
    Check Point x Third Party
    Rede Remota

    www.CloudCampus.com.br 5
    Check Point x Third Party
    Topologia Firewall Remoto

    www.CloudCampus.com.br 6
    Check Point x Third Party
    Community

    www.CloudCampus.com.br 7
    Check Point x Third Party
    Community

    www.CloudCampus.com.br 8
    Check Point x Third Party
    Encryption

    www.CloudCampus.com.br 9
    Check Point x Third Party
    Shared Secret

    www.CloudCampus.com.br 10
    Check Point x Third Party
    Advanced VPN Properties

    www.CloudCampus.com.br 11
    Check Point x Third Party
    Regra de Firewall

    www.CloudCampus.com.br 12
    Backup

    • Snapshot
    – Imagem (dados, configuração e drivers)
    – O restore precisa ser feito no mesmo tipo de hardware
    – Arquivo de backup grande

    • System Backup
    – Configuração do Sistema Operacional e database do Security
    Management
    – Local ou Remoto (TFTP, SCP ou FTP)
    – Arquivo de backup pequeno (.tgz)
    – Diretório /var/CPbackup/backups/

    www.CloudCampus.com.br 13
    Snapshot via WebUI

    www.CloudCampus.com.br 14
    Snapshot via CLI
    Backup

    • Comando: snapshot

    www.CloudCampus.com.br 15
    Snapshot via CLI
    Revert

    • Comando: revert

    www.CloudCampus.com.br 16
    System Backup via WebUI

    www.CloudCampus.com.br 17
    System Backup via WebUI
    Backup Automático

    www.CloudCampus.com.br 18
    System backup via CLI

    • Criar e salvar um backup local:


    – add backup local

    • Criar e salvar um backup remote via FTP:


    – add backup ftp ip <X.X.X.X> username <NOME> password plain

    • Criar e salvar um backup via TFTP:


    – add backup tftp ip <X.X.X.X>

    • Criar e salvar um backup via SCP:


    – add backup scp ip <X.X.X.X> username <NOME> password
    plain

    www.CloudCampus.com.br 19
    upgrade_export

    • Backup da configuração independente de hardware


    • Não faz backup de nenhuma configuração do sistema
    operacional
    • Menor tamanho de backup

    • Export:
    – # cd $FWDIR/bin/upgrade_tools
    – # ./upgrade_export filename
    • Import:
    – # cd $FWDIR/bin/upgrade_tools
    – # ./upgrade_import filename

    www.CloudCampus.com.br 20
    upgrade_tools
    migrate export | migrate import

    www.CloudCampus.com.br 21
    upgrade_tools
    migrate export

    www.CloudCampus.com.br 22
    upgrade_tools
    migrate import

    www.CloudCampus.com.br 23
    upgrade_export
    Export

    www.CloudCampus.com.br 24
    upgrade_export
    Import

    www.CloudCampus.com.br 25
    Upgrade Paths

    • CP_R76_ReleaseNotes

    www.CloudCampus.com.br 26
    Upgrade Paths

    www.CloudCampus.com.br 27
    Comandos úteis

    www.CloudCampus.com.br 28
    Comandos úteis

    www.CloudCampus.com.br 29
    Lab 24 - Snapshot e System Backup

    www.CloudCampus.com.br 30
    Lab 25 – migration_tools

    www.CloudCampus.com.br 31
    Dúvidas?

    www.CloudCampus.cc
    info@cloudcampus.cc
    +55-11-3662-3832
    Certificação CCSA
    Agendamento
    • http://www.pearsonvue.com/checkpoint/newseries/

    www.CloudCampus.com.br 33
    Certificação CCSA
    Agendamento

    www.CloudCampus.com.br 34
    Certificação CCSA
    Agendamento

    www.CloudCampus.com.br 35
    Certificação CCSA

    • Exame CCSA # 156-215.76


    – 80% de teoria e 20% de experiência prática
    no produto
    – 90 questões (questões de múltipla escolha e
    questões baseadas em cenários)
    – Duração de 120 minutos
    – Score mínimo para aprovação: 70%

    www.CloudCampus.com.br 36
    Certificação CCSA
    Curso Oficial - Tópicos

    • Security Admin 2013 Course Description.pdf


    – COURSE TOPICS
    • Introduction to Check Point Technology
    • Deployment Platforms
    • Introduction to the Security Policy
    • Monitoring Traffic and Connections
    • Using SmartUpdate
    • User Management and Authentication
    • Identity Awareness
    • Introduction to Check Point VPNs

    www.CloudCampus.com.br 37
    Certificação CCSA
    Curso Oficial - Labs

    • Security Admin 2013 Course Description.pdf


    – LAB EXERCISES
    • Distributed Installations
    • Stand-alone Security Gateway Installations
    • Common Tools
    • Building a Security Policy
    • Configure the DMZ
    • Configure NAT
    • Monitor with SmartView Tracker
    • Client Authentication
    • Identity Awareness
    • Site-to-Site VPN between corporate and branch office

    www.CloudCampus.com.br 38
    Certificação CCSA
    Guia de Estudo Oficial
    • http://www.checkpoint.com/services/education/training/docs/self-
    study/SecAdminStudyGuide2013.pdf

    www.CloudCampus.com.br 39
    Revisão Certificação CCSA

    www.CloudCampus.com.br 40

    You might also like