This course will provide you with an understanding of key concepts and skills necessary to effectively configure and deploy VPN-1 VSX, to manage multiple customer sites. This course provides hands-on training for installing VSX on SecurePlatform. You will configure Security Policies for multiple remote firewalls, using the Provider-1 NGX Multi-Domain GUI (MDG). You will also learn about managing multiple firewall-secured environments, and using Virtual Systems and Virtual Routers in a VSX configuration. You will understand how to perform advanced configuration tasks, such as establishing redundant VSX Gateways for High Availability functions. Audience : System administrators, security managers, or network engineers implementing VSX in an enterprise environment. Prerequisite : Check Point Security Administration NGX I Rev 1.1, Check Point Security Administration NGX II Rev 1.1, Check Point Provider-1 NGX, or equivalent knowledge and experience.
Duration of the course : |
Part Time : N/A |
Full Time : 3 Days (8 hours per day) |
Course Contents :
|
VPN-1 VSX Architecture and Deployment:
- VSX Overview.
- VSX Building Blocks.
- Managing the VSX Gateway.
- Clustering in VSX.
- IP Address Allocation for VSX Implementation.
- VSX Packet Flow and Routing.
- Routing from Virtual System to Virtual System.
- Overlapping IP Address-Space Support.
VSX Management Server Installation and Configuration:
- VSX Management.
- SmartCenter Management Model.
- Provider-1 Management Model.
- Check Point Licenses.
- Upgrading Previous Deployments.
- VSX NGX System Requirements.
- Installing and Configuring VSX.
- Installing Provider-1 NGX for VSX on a Secure Platform Machine.
- Installing the Provider-1 NGX MDG on Windows.
VSX Gateway Installation and Configuration:
- VSX Gateway’s Virtual Topology.
- Management of Virtual Devices.
- Installing the VSX Gateway on SecurePlatform.
- Unique State-Table Configuration.
- Security Policy Separation.
- Unique Configuration Parameters.
- Management Virtual System.
- VSX Interface Support.
- External Virtual Routers.
- Management Server Communication.
- Provisioning and Network-Configuration Channel.
- System Virtualization.
- Advanced Routing Configurations.
|
VSX and Layer2 Communications:
- Virtual Switch.
- Virtual Switch in a Cluster.
- Virtual Switch and Dynamic Routing using OSPF.
VSX and VLAN Tagging:
- VLAN Technology.
- VLAN Tagging.
- VLAN Tag Composition.
- VLAN Trunking and Membership.
- Implicit/Explicit VLAN Membership.
- VLAN Configuration in a VSX Environment.
- Configuring Interfaces to Allow VLAN-Tagged Traffic.
- Associating VLAN Traffic with specific Virtual Systems.
Deploying Virtual Systems in a Bridged Configuration:
- Virtual System in Bridge Mode.
- Security for Virtual Systems in Bridge Mode.
- Clustering Virtual Systems in Bridge Mode (ClusterXL Only).
Configuring VSX Gateway High Availability:
- VSX Gateway High Availability.
- NGX and VSX Clustering.
- VSX state Synchronization.
- Synchronization Network.
- Synchronization Modes.
- Deploying Multiple VSX Gateways in an HA Environment.
- Creating VSX Gateway and EVR Cluster Objects.
- Completing VSX System Configuration.
- Configuring Customer Clusters.
|
|
