For complete Self-paced training materials visit nettechcloud.com
Trainer : Manoj Verma (CCIE # 43923)
COURSE : Palo Alto Firewall Configuration, Management and Troubleshooting - PAN 10
===========================================================
CHECK POINT CERTIFIED SECURITY ADMINISTRATOR (CCSA)- R81
COURSE TOPICS:
Module 1: Overview of Firewall Technologies
What is a Firewall
Firewall Technologies
Legacy or Traditional Firewalls
Next Generation Firewalls
Module 2: Introduction to Checkpoint Technology
Security Management Architecture - SMART
Checkpoint Core Systems - 3 Tier Architecture
Secure Internal Communication - SIC
Internal Certificate Authority - ICA
Initializing trust
Module 3: Checkpoint Security Solutions and Licensing
Software Blade Architecture
Security Gateway Software Blades
Management Server Software Blades
Licensing overview
Module 4: Checkpoint Firewall Deployment
Deployment Platforms
Checkpoint Gaia OS
Standalone Deployment
Distributed Deployment
Module 5: Gaia OS Installation and Configuration
Preparing for LAB
Gaia OS Installation
Initial Configuration - WebUI
Downloading and Installing Smart Console
Module 6: Secure Internal communication (SIC)
Smart console access to management Server
Creating Security gateway object
SIC establishment
Verifying Policy installation
Module 7: Anti spoofing
Understanding IP spoofing
Prevention and tracking
Network group
Module 8: Security Policy Management
Security Policy Basics
Implicit and Explicit Security rules
Publishing Security Policy
Installing Security Policy
Module 9: Logging and Monitoring
Security and Audit Logs
Smart View Monitor
Monitoring Traffic and Connections
Module 10: HTTPS Inspection
SSL Handshake
Digital Certificate
Inbound and outbound Inspection
Enabling HTTPS Inspection
HTTPS Inspection Policy
Module 11: Application Control and URL Filtering
Application and URL Filtering Blades
Editing Policy Layer
Creating Security Rule
Monitoring Application and URL Filtering
Module 12: Zone Based Security Rule
Understanding Security Zone
Creating Zone Based security Rule
Module 13: Inline Layer Policy
Benefits of Inline Layer Policy
Creating Inline Layer Policy
Module 14: Suspicious Activity Rules
Understanding SAM Rule
Creating SAM Rule from Smart View Monitor
Module 15: Network Address Translation - NAT
Introduction to NAT
Types of NAT - Static and Hide NAT
Automatic Vs Manual NAT
Manual Proxy ARP - Local.arp
NAT - Global Properties
Module 16: Managing User Access
Identity Awareness
Methods for Acquiring Identity
Light Weight Directory Access Protocol - LDAP
Module 17: Threat Prevention Solution
Threat Prevention Components
Threat Prevention Profiles
Module 18: Intrusion Prevention System (IPS)
IPS Software Blade
IPS Protection
Module 19: Anti Virus and Anti Bot
Anti Virus
Anti Bot
Module 20: Sand Blast
Sandblast - Threat Emulation
Sandblast - Threat extraction
Module 21: Adding a Second Security Gateway
Creating Security Rule for SIC
Control connections and NAT
Policy Packages
Module 22: Virtual Private Network
VPN Overview
IPsec site to site VPN
Internet Key Exchange (IKE)
Phase 1 and Phase 2 Tunnels
Domain Based VPN Vs Route Based VPN
VPN Community and Domain
Module 23: IPsec site to Site VPN Configuration
Creating VPN Community
Encryption Domains
IKE Phase 1 and Phase 2 Attributes
Module 24: IPsec S2S VPN between Checkpoint and Cisco
Configuring Cisco Router
Interoperable Device Object
Checkpoint Gateway Configuration
Module 25: Troubleshooting IPsec VPN
VPN Debug
Analyzing debug log with Ikeview tool
Module 26: Remote Access VPN
Clientless Vs Client based
SSL VPN
Split Tunnelling
Module 27: Backup and Snapshot
Database Revisions
Backup and Restore
Snapshot and Revert
Module 28: CLI and Troubleshooting
Clish and Bash (Expert Mode)
Important commands
TCPDUMP and fw monitor
Module 29: Packet Flow
“We not only explain the theory but how to use every feature in real life with practical demonstration and troubleshooting"
#troubleshooting #checkpointfirewall #paloaltofirewall
3 окт 2024
