- Introduction to Check Point Technology
- Deployment Platforms
- Introduction to the Security Policy
- Monitoring Traffic and Connections
- Network Address Translation
- Using SmartUpdate
- User Management and Authentication
- Identity Awareness
- Introduction to Check Point VPNs
1. Introduction to Check Point Technology
- Check Point Security Management Architecture(SMART)
- Smart Console
- Security Management Server
- Security Gateway
- The Check Point Firewall
- OSI Model
- Mechanism for controlling
- Network traffic.
- Packet Filtering
- Stateful Inspection
- Application Intelligence
- Security Gateway Inspection Architecture
- INSPECT Engine Packet Flow
- Deployment Considerations
- Standalone Deployment
- Distributed Deployment
- Standalone Full HA
- Bridge Mode
- Check Point SmartConsole Clients
- Smart Dashboard
- Smart view Tracker
- Smart Log
- Smart Event
- SmartView Monitor
- Smart Reporter
- Smart Update
- Smart Provisioning
- SmartEndpoint
- Security ManagementServer
- Managing Users in SmartDashboard
- Users Database
- Securing Channels of Communication
- Secure Internal Communication
- Testing the SIC Status
- Resetting the Trust State
2. Deployment Platforms
- Check Point Deployment Platforms
- Security Appliances
- Security Software Blades
- Remote Access Solutions
- Check Point Gaia
- History - Power of Two
- Gaia
- Benefits of Gaia
- Gaia Architecture
- Gaia System Information
3. Introduction to the Security Policy
- Security Policy Basics
- The Rule Base
- Managing Objects in SmartDashboard
- SmartDashboard and Objects
- Object-Tree Pane
- Objects-List Pane
- Object Types
- Rule Base Pane
- Managing Objects
- Classic View of the Objects Tree
- Group View of the Objects Tree
- Creating the Rule Base
- Basic Rule Base Concepts
- Delete Rule
- Basic Rules
- Implicit/Explicit Rules
- Control Connections
- Detecting IP Spoofing
- Configuring Anti-Spoofing
- Rule Base Management
- Understanding Rule Base Order
- Completing the Rule Base
- Policy Management and Revision Control
- Policy Package Management
4. Monitoring Traffic and Connections
- SmartView Tracker
- Log Types
- SmartView Tracker Tabs
- Action Icons
- Log-File Management
- Administrator Auditing
- Global Logging and Alerting
- Time Setting
- Blocking Connections
- SmartView Monitor
- Customized Views
- Gateway Status View
- Traffic View
- Tunnels View
- Remote Users View
- Cooperative Enforcement View
- Monitoring Suspicious and Activity Rules
- Monitoring Alerts
- Gateway Status
- Overall Status
- Software Blade Status
- Displaying Gateway Information
- SmartView Tracker vs.SmartView Monitor
5. Network Address Translation.
- Introduction to NAT
- IP Addressing
- Hid NAT
- Choosing the Hide Address in Hide NAT
- Static NAT
- Original Packet
- Reply Packet
- NAT Global Properties
- Object Configuration - Hid NAT
- Hide NAT Using Another Interface
- Static NAT
- Manual NAT
- Configuring Manual NAT
- Special Considerations
- ARP
6. Using SmartUpdate
- SmartUpdate and Managing Licenses
- SmartUpdate Architecture
- SmartUpdate Introduction
- Overview of Managing Licenses
- License Terminology
- Upgrading Licenses
- Retrieving License Data from Security Gateways
- Adding New Licenses to the License & Contract Repository
- Importing License Files
- Adding License Details Manually
- Attaching Licenses
- Detaching Licenses
- Deleting Licenses From License & Contract Repository
- Installation Process
- Viewing License Properties
- Checking for Expired Licenses To Export a License to a File
- Service Contracts p.
- Managing Contracts Updating Contracts
7. User Management and Authentication
- Creating Users and Groups
- Types of Legacy Authentication p. 142
- Authentication Schemes p. 143
- Remote User Authentication p. 145
- Authentication Methods p. 146
- User Authentication
- User Authentication Rule Base
- Considerations
- Session Authentication
- Configuring Session Authentication
- Client Authentication
- Client Authentication and Sign-On Overview
- Sign-On Methods
- Wait Mode
- Configuring Authentication Tracking
- LDAP User Management with UserDirectory
- LDAP Features
- Distinguished Name
- Multiple LDAP Servers
- Using an Existing LDAP Server
- Configuring Entities to Work with the Gateway
- Defining an Account Unit
- Managing Users
- UserDirectory Groups
8. Identity Awareness
- Introduction to Identity Awareness
- AD Query
- Browser-Based Authentication
- Identity Agents
- Deployment
9 Introduction to Check Point VPNs
- The Check Point VPN
- VPN Deployments
- Site-to-Site VPNs
- Remote-Access VPNs
- VPN Implementation
- VPN Setup
- Understanding VPN Deployment
- VPN Communities
- Remote Access Community
- VPN Topologies
- Meshed VPN Community
- Star VPN Community
- Choosing a Topology
- Combination VPNs
- Topology and Encryption Issues
- Special VPN Gateway Conditions
- Authentication Between Community Members
- Domain and Route-Based VPNs
- Domain-Based VPNs
- Route-Based VPN
- Access Control and VPN Communities
- Accepting All Encrypted Traffic
- Excluded Services
- Special Considerations for Planning a VPN Topology
- Integrating VPNs into a Rule Base
- Simplified vs. Traditional Mode VPNs
- VPN Tunnel Management
- Permanent Tunnels
- Tunnel Testing for Permanent Tunnels
- VPN Tunnel Sharing
- Remote Access VPNs
- Multiple Remote Access VPN Connectivity Modes
- Establishing a Connection Between a Remote User and a Gateway