CCSE certification is recognized as the industry standard for Internet security certifications. CCSE training and testing builds on CCSA training by including an in depth study of encryption technologies and how to implement site-to-site and remote access VPNs. CCSEs are also tested for skills to configure content security by enabling Java blocking and anti-virus checking and performing load-balancing through CLUSTERXL.
Audience : System Administrators, Security Managers, Network Engineers and Individual seeking CCSE certification.
Prerequisite : Must be CCSA Certified with good knowledge of FireWall.
Duration of the course :
Part Time : 18 Days (2 hrs/day)
Full Time : 3 days (8 hrs/day)
Key Benefits : On completion of this course you will be able to implement and deploy site- to-site and remote VPN, Content Vectoring, URL filtering and Load balancing between firewalls.
Course Contents :
Installing VPN-1 NGX and Upgrading:
- Installing and Upgrading Terms.
- Pre-installation Configuration.
- Distributed Installation.
- Upgrading To NGX.
- Upgrade Order.
- Upgrade Export / Import.
- Upgrading via SmartUpdate.
- NGX Backward Compatibility.
- Licensing NGX.
- Obtaining Licenses.
- Licenses for new NGX Installations.
- Licenses for Existing Installations Being Upgraded.
- Deploying Licenses.
- Central Licensing and Local Licensing.
- Upgrading Licenses to NGX.
Content security and content vectoring protocol:
Role of the security server.
Content Vectoring Protocol (CVP).
URL Filtering Protocol (UFP).
URL screening by file.
FTP content Security.
Implementing content security.
Security server and the rule base.
Implementing the TCP resource.
CVP load sharing and chaining.
Implementing IKE encryption.
Using SVN to protect wireless LANs.
VPN implementation and setup.
Traditional VPN Configuration.
IKE encryption configuration using shared secret.
IKE encryption configuration using Certificates.
Simplified VPN Configuration.
Integrating VPN into a rulebase.
CheckPoint QoS Overview.
Intelligent Queuing Engine (IQ Engine).
Weighted Flow Random Early Drop (WFRED).
Retransmission Detection Early Drop (RDED).
Check Point QoS Architecture.
SmartConsole, SmartCenter Server and Check Point QoS.
Check Point QoS Deployment Considerations.
Check Point QoS Policy.
Bandwidth Allocation and Rules.
Additional QoS Rule Considerations.
DiffServ Markings for IPSec Packets.
Interaction between DiffServ Rules and Other Rules.
Low Latency Queuing and Classes.
Computing Constant Bit Rate and Maximal Delay.
Monitoring and Optimizing CheckPoint QoS.
Enabling Voice over IP Traffic:
Voice Over IP Basics.
Configuring NGX for H.323-based VoIP Traffic.
Enabling VoIP Traffic in an H.323 Environment.
Gatekeeper Object Configuration.
Configuring Gatekeeper Routing Mode.
Configuring the Rule Base for H.323 Traffic.
Enabling VoIP Traffic in a SIP Environment.
Defining the VoIP SIP Domain.
Configuring Global Properties.
Configuring the Rule Base for SIP Traffic.
High Availability and Load Sharing.
Deploying New Mode High Availability.
Configuring Load Sharing Unicast (Pivot) Mode.
Configuring Load Sharing Multicast Mode.
Debugging ClusterXL Issues.
ClusterXL Configuration Issues.