Training and Consultancy

Select by Category

Course Schedules

Search by Keywords

Partner Login



Enquiry Form

Duration: 5 Days

Price: £ 2,195

 

IQCP02 - Check Point NGX I R65 Security Administration on Nokia IP Security Platforms


Description


This is a five-day, instructor-led course, which covers configuring and implementing Check Point NGX R65 on Nokia IP Security Platforms. The course provides the information and experience necessary to deploy and manage Internet firewalls on the Nokia family of security products. Hands-on exercises enable students to demonstrate a thorough knowledge of the platform operations, effectively configure security policies, and successfully deploy Internet security solutions.

 


Audience


This course is designed for those people who will be responsible for the installation, implementation or maintenance of a Checkpoint NGX - protected site using a Nokia Security Appliance, including Systems administrators, security managers and network engineers who manage Checkpoint NGX gateway deployments, as well as those who seek Nokia Security Administrator (NSA) Foundation (NO0-002) and/or CCSA R65 NGX, #156-215.65 certifications.

 

Prerequisites


Persons attending this course should have a working knowledge of internetworking concepts and an understanding of TCP/IP, network addressing and subnet masks.

They should also have knowledge of basic router concepts as they relate to Layer 3 of the OSI model, including RIPv1 and v2, and static routes. Basic knowledge of networking concepts and topologies, and an understanding of the OSI model is required.

 

Objectives

Delegates attending this course will be able to:


  • Define Nokia Security Platform features and routing terminology
  • Identify the fundamental design considerations for the Nokia IP Security Platform
  • Deploy VPN-1 NGX modules and components
  • Define a security policy using the VPN-1 NGX Security Dashboard, incorporating the SmartMap
  • Implement network address translation (NAT)
  • Set up user authentication in a VPN-1 NGX environment
  • Enable high availability using Virtual Router Redundancy Protocol (VRRP)
  • Use troubleshooting tools and administrative procedures

 

Topics Covered

  • Identify overall features and benefits of the NSP line.
  • Review the Nokia IPSO design and file structure.
  • Execute the initial setup process of an NSP.
  • Describe the tools available to monitor the status of an NSP.
  • Configure SSH and SSL.
  • Describe the architecture of VPN-1 NGX.
  • Create and modify an NGX Security Policy.
  • Configure and use SmartView Tracker and SmartView Monitor.
  • Configure and use SmartDefense.
  • Configure Hide and Static Network Address Translation (NAT).
  • Explain encryption for VPNs, comparing and contrasting common encryption methods.
  • Configure User, Client, and Session Authentication.
  • Implement LDAP and integrate it with an NGX SmartCenter Server.
  • Select the appropriate backup strategy to meet disaster-recovery requirements.
  • Use NGX upgrade tools and SmartUpdate to upgrade to NGX.
  • Maintain an NSP, installing, upgrading, and backing up Nokia components.
  • Determine the licensing process for VPN-1 NGX.
  • Configure VRRP and SVRRP.

 

Exercises

  • Integrate an NSP into an existing network.
  • Configure an NSP using Nokia Network Voyager.
  • Monitor and report statistical information regarding the status of an NSP.
  • Enable SSH and configure SSH options.
  • Configure SSL/TLS communication using Voyager.
  • Configure an NGX Security Gateway for a distributed environment.
  • Implement a distributed installation of VPN-1 NGX.
  • Launch Check Point's SmartDashboard and verify Internal Certificate Authority configuration.
  • Use SmartDashboard to define network objects and groups.
  • Set up anti-spoofing parameters on an NGX gateway object.
  • Use Check Point's SmartMap to convert the logical layout of an organization into a graphical schematic.
  • Configure an NGX Rule Base for proper network functionality, based on specific requirements.
  • Use NGX object cloning to create cloned objects.
  • Use Database Revision Control to save an NGX Security Policy into several versions.
  • Use Check Point's SmartView Monitor to block a malicious user's network activities.
  • Enforce the Suspicious Activity Rule (SAM Rule) with SmartView Monitor.
  • Identify changes in NGX system status, using SmartView Monitor.
  • Configure Check Point's SmartDefense to detect port scans and multiple connection attempts.
  • Enable Hide and Static NAT on a network.
  • Demonstrate the math and mechanics that go into encrypted communication.
  • Create an NGX user template to add users.
  • Make changes to a gateway object, to allow the use of NGX authentication features.
  • Define users who can authenticate to an NGX Gateway.
  • Test User Authentication using a Check Point password.
  • Add fully automatic Client Authentication to a Policy.
  • Configure Check Point's SmartDirectory to interact with Microsoft Active Directory.
  • Use available tools to back up and restore your NGX installation.
  • Configure an NSP to perform a scheduled backup.
  • Configure VRRP and State Synchronization, and implement high availability.

 

Certification

This course meets the requirements for the CCSA NGX R65 certification & Nokia Security Administrator (NSA) Foundation (NO0-002).

A separate examination (not part of the course) is available for delegates who wish to have formal certification.



Please note:

Prior to taking Check Point examinations, Check Point recommend delegates attend the authorised training course(s), study the official manual (provided only on authorised courses) and have 6 months experience using the technology.