Overview
This two-day advanced-level course is designed for security professionals to gain expertise in deploying and managing custom threat prevention solutions using Check Point technologies. It covers key areas such as IPS, Anti-Bot, and Anti-Virus configurations, policy layers, traffic analysis, and performance optimization for threat prevention.
Objectives
By the end of this course, participants will:
Prerequisites
- Training: Completion of CCSA (mandatory) and CCSE (recommended).
- Knowledge: Internet fundamentals, networking basics, network security principles, and system administration.
Course Outline
- Verifying the security environment.
- Establishing system connectivity.
- Configuring and enabling IPS custom protections.
- Updating and testing general and specific protections.
- Configuring Anti-Bot and Anti-Virus systems.
- Creating and customizing policy profiles.
- Optimizing gateway interface settings and policy rules.
- Modifying logs and analyzing event data.
- Managing inspection settings and exceptions.
• Verify SmartEvent Activation
• Generate and Verify Logs for Reporting
• Configure SmartEvent Views and Reports
• Verify Recent Updates
• Configure Update Settings
• Analyze Threat Prevention Performance
• Create Penalty Box Exceptions and Null Profiles
• Test the Panic Button Protocol
• Add a Custom SNORT Rule
• Create and Test a Custom Threat Indicator
• Observe Traffic Drops in Real Time
• Audit Configuration Changes