Security Gateways
An extensive course on the use of Firewalls including network protection, tools, and best practices to keep your systems safe.
ABOUT THE PROGRAM
Hackers use the Web to infiltrate companies’ databases, detect, target, and attack weak spots. These invasive attacks expose our data to numerous threats which potentially jeopardize the entire organization. Modern IT systems need to have the right tools, and IT teams globally are looking for fully trained professionals. Completing our Security Gateways course will prepare any professional for a role in the world of cybersecurity.
This course dissects firewalls in detail, from the principles and functions of a firewall to the latest services a modern firewall should provide. Clients will learn how to configure firewall rules based on protocol, port, and IP address. Use NAT and understand the use of each blade in Check Point Firewall Software.
The course covers the following topics:
DON'T TOUCH THIS TAB
It’s important to improve the accordion’s behaviour
Firewall Concepts
- Firewalls and Their Evolution
- Access Control Lists or Stateless Inspection Firewalls
- Stateful Inspection firewalls
- The Stateful Inspection Advantage –Passive FTP Example
- Unified Threat Management
- Next-generation firewalls
- Zone based vs. Interface Based Firewalls
- Introduction to the Check Point Technology
- Components of the Check Point Solution
- SmartConsole
- Supported Authentication Schemes
- Check Point Password Authentication
- OS Password Authentication
- RADIUS Server
- SecurID Server
- TACACS Server
- Check Point Deployment Options – The Architecture
- Securing the Communication channel – Check Point SIC (Secure Internal Communication)
Working with the Security Policy, Best Practice, Logs & Troubleshooting
- The Security Policy
- Creating and Managing Objects
- Creating a Strong Firewall Security Policy – Rule Base Fundamentals
- Creating a Secure Firewall Security Policy – Rule Base Best Practices
- Working with Logs & Monitoring Traffic in a Check Point based environment
- Tracking Options: Alert, Log, None
- Catalog of Views and Reports
- Reports
- Filters
- Log Analysis
- Using the Log View
- Searching the Logs
- Creating Custom Queries
- Selecting Query Fields
- Query Language Overview
- Event Details
Introduction to the Command Line Interface CLI & NAT
- Command Line Interface
- Commands and Features
- Clish , expert modes
- Useful Commands
- Basic Concepts in Network Address Translation
- NAT Types
- Private Networks address spaces
- Static NAT
- CONFIGURING Static NAT
- Hide NAT
- Choosing the Hide Address in Hide NAT
- Hide NAT Using Another Interface IP Address
- CONFIGURING HIDE NAT
- Manual NAT
Identity Awareness & VPN
- Identity Sources
- How AD Query Works
- Browser-Based Authentication
- How Captive Portal Works – Firewall Rule
- How Transparent Kerberos Authentication Works
- Site to Site VPN
- Sample VPN Access Control Rules
- VPN workflow
- VPN Communities
- Topologies
- Sample Star Deployment
- Sample VPN Access Control Rules
- IPsec & IKE
- IKE Phase I
- IKE Phase II
- Diffie Hellman Groups
- Remote Access VPN
- VPN Connectivity Modes
- Office Mode / Visitor Mode
- Remote Access VPN Workflow
- Configuring the Security Gateway for a Remote Access Community
- Mobile Access to the Network
- Client-Based vs. Clientless
- Sample Mobile Access Deployment
- Using the Mobile Access Configuration Wizard
- Allowing Mobile Connections
Threat Prevention
- Threat Prevention Components
- IPS
- Anti-Bot
- Anti-Virus
- Threat Emulation
- Threat Extraction
- Threat Prevention Policy
- Workflow for Creating a Threat Prevention Policy
- Threat Prevention Policy Layers
- Action Enforcement in Multiple-Layered Security Policies
- Examples
- Threat Prevention Rule Base
- Parts of the Rules
- IPS Configuration
- Anti-Bot Configuration
- Anti-Virus Configuration
HTTPS Inspection and URL filtering
- HTTPS Inspection
- Outbound Connections
- Inbound Connections
- Configuring Gateways to inspect HTTPS
- HTTPS Inspection Policy
- Sample HTTPS Inspection Rule
- Monitoring Applications
- Blocking URL Categories
Don't touch this tab
ABOUT SOTERIA GLOBAL
SOTERIA Global is a global leader in cyber-security training solutions and services.
The cyber world is now a part of our everyday life. New technology emerges daily, and as opportunities increase, so do cyber risks. Threats constantly evolve, and we must protect our valuable assets.
A successful cyber defense has many factors, but they all have one thing in common: dedicated, skilled individuals.
SOTERIA Global experts develop our solutions and rely on the best technological assets in the market. Our impressive global presence expands over four continents, giving us access to the best cybersecurity professionals.
Our solutions range from customized training programs to developing cyber-oriented facilities, ensuring that individuals and organizations are ready to face real-world threats. Over the years, we have worked with various organizations across many sectors, giving us the skillset to shape and adapt our solutions to meet our client’s needs.
COURSE INFO
Target audience
- System administrators
- People with good networking knowledge
Prerequisites
- Basic understanding of networking is an advantage
Skills Gained
- Understanding the firewalls concept
- Creating rule-based policies for the organization
- Understanding NAT
- Configuring site to site VPN
- Using the firewall for threat prevention
- Identity awareness in firewalls
- Other firewall UTM features (URL filtering, web filtering)