The Check Point Certified Security Administrator
3.4 (7 ratings)
Instead of using a simple lifetime average, Udemy calculates a course's star rating by considering a number of different factors such as the number of ratings, the age of ratings, and the likelihood of fraudulent ratings.
45 students enrolled
Wishlisted Wishlist

Please confirm that you want to add The Check Point Certified Security Administrator to your Wishlist.

Add to Wishlist

The Check Point Certified Security Administrator

Checkpoint Administrator
3.4 (7 ratings)
Instead of using a simple lifetime average, Udemy calculates a course's star rating by considering a number of different factors such as the number of ratings, the age of ratings, and the likelihood of fraudulent ratings.
45 students enrolled
Last updated 8/2017
Current price: $12 Original price: $200 Discount: 94% off
3 days left at this price!
30-Day Money-Back Guarantee
  • 7.5 hours on-demand video
  • Full lifetime access
  • Access on mobile and TV
  • Certificate of Completion

Training 5 or more people?

Get your team access to Udemy's top 2,000 courses anytime, anywhere.

Try Udemy for Business
What Will I Learn?
  • Check Point Technology Overview
  • Deployment Platforms and Security Policies
  • Smartview Tracker
  • Monitoring Traffic and Connections
  • Network Address Translations
  • User Management and Authentication
  • Using SmartUpdate
  • Implementing Identity Awareness
  • Configuring VPN tunnels
View Curriculum
  • Basic knowledge of networking
  • Windows Server and/or UNIX skills
  • Internet and TCP/IP experience

The Check Point Security Administration course provides an understanding of basic concepts and
skills necessary to configure the Check Point Security Gateway, configure Security Policies, and
learn about managing and monitoring secure networks.

This Course covers the following topics:

Describe Check Point's unified approach to network management, and the key elements of this architecture.

Design a distributed environment using the network detailed in the course topology.

Install the Security Gateway version R77 in a distributed environment using the network detailed in the course topology.

Given network specifications, perform a backup and restore the current Gateway installation
from the command line.

Identify critical files needed to purge or backup, import and export users and groups and add or delete administrators from the command line.

Deploy Gateways using sysconfig and cpconfig from the Gateway command line.

Given the network topology, create and configure network, host and gateway objects

Verify SIC establishment between the Security Management Server and the Gateway using

Create a basic Rule Base in SmartDashboard that includes permissions for administrative users, external services, and LAN outbound use.

Evaluate existing policies and optimize the rules based on current corporate requirements.

Maintain the Security Management Server with scheduled backups and policy versions to ensure seamless upgrades and minimal downtime.

Configure NAT rules on Web and Gateway servers.

Use Queries in SmartView Tracker to monitor IPS and common network traffic and troubleshoot events using packet data.

Using packet data on a given corporate network, generate reports, troubleshoot system and security issues, and ensure network functionality.

Using SmartView Monitor, configure alerts and traffic counters, view a Gateway's status, monitor suspicious activity rules, analyze tunnel activity and monitor remote user access based on corporate requirements.

Monitor remote Gateways using SmartUpdate to evaluate the need for upgrades, new installations, and license modifications.

Use SmartUpdate to apply upgrade packages to single or multiple VPN-1 Gateways.

Upgrade and attach product licenses using SmartUpdate.

Centrally manage users to ensure only authenticated users securely access the corporate network either locally or remotely. 

Manage users to access to the corporate LAN by using external databases.

Use Identity Awareness to provide granular level access to network resources.

Acquire user information used by the Security Gateway to control access.

Define Access Roles for use in an Identity Awareness rule.

Implementing Identity Awareness in the Firewall Rule Base.

Configure a pre-shared secret site-to-site VPN with partner sites

Configure permanent tunnels for remote access to corporate resources.

Configure VPN tunnel sharing, given the difference between host-based, subunit-based and gateway-based tunnels.

Who is the target audience?
  • Any one who wants to learn Checkpoint Firewall
  • Any one who wants to pursue CCSA Certification
  • Any one who wants to develop profession skills on Checkpoint
Compare to Other Checkpoint Courses
Curriculum For This Course
14 Lectures
Start Here
14 Lectures 07:36:01

This video will give you insight of security and answers the following questions.

1. Define Security?

2. Define Firewall?

3. What are all the types of Firewall Filtering Technologies available?

4. Pros and Cons of Packet Filter, Proxy, Stateful

5. Inspection Firewall?

Note: This video includes the questions from students during live session, i felt it would be good to have it. 

Preview 42:46

In this video you will be able to understand Checkpoint's 3 Tier Architecture, Software Blade Architecture, an Introduction to GAiA Operating System. 

Note: This video also includes questions from live class.

Preview 27:12

In this video you will be learning the following.

1. Installation of GAiA

2. Installation of Checkpoint Security Management Server

3. Installation Smart Console

Installation and Initialization of Checkpoint Security Management Server

In this Video you will be able to learn the following.

1. Installation of Checkpoint Security Gateway

2. Integrating with Checkpoint Security Management Server

3. Understanding SIC

4. Understanding Fingerprint

5. Initializing an interface of Security Gateway

6. Checkpoint interface topology synchronization

Security Gateway Installation and Integration

In this video you will learn the following

1. Policy Elements

2. Implied rules

3. Explicit rules

4. Three components of a rule

5. Objects and Object groups

6. Order of operation

7. Saving and Installing a policy

8. Understanding actions of a rule (Accept, Drop and Reject)

9. Understating of implied rule position (first, last and before last)

10. Benefits of optional parameters (track, install on, time and Comments)

Preview 42:02

In this video you will be learning the following

1. Stealth rule

2. Cleanup rule

3. Section title

4. Different methods to refer an object in a rule

5. Disabling a rule

6. Hiding and unhiding a rule

7. Rearranging a rule (Cut, Copy, Paste and Drag and Drop)

8. Adding a rule (before, after, first and last)

Preview 35:44

In this video you will be learning the following.

1. Database Revision Control (Manual, Automating)

2. Policy Package and Policy installation target 

3. Restoring back to a Database Version

4. Viewing a Database version

5. Managing the storage

Checkpoint Policy Final

In this video you will be able to learn the following.

1. Launch SmartView Tracker

2.Track by Source and Destination

3. Log Types

4. SmartView Tracker Tabs

5. Action Icons

6. Log-File Management

7. Administrator Auditing

8. Global Logging and Alerting

9. Time Setting

10. Blocking Connections

Checkpoint Smartview Tracker

In this video you will be learning the following.

1. Overall Status

2. Software Blade Status

3. Displaying Gateway Information

4. Customized Views

5. Gateway Status View

6. Traffic View

7. Tunnels View

8. Remote Users View

9. Exporting and Importing Monitor setting

10. Suspicious Activity Monitoring

11. Thresholds

12. Monitoring Alerts

Checkpoint Smartview Monitor

In this video you will learn the following.

1. IP Addressing

2. Unidirectional Vs Bidirectional

3. Hide NAT

4. Choosing the Hide Address in Hide NAT

5. Static NAT

6. Original Packet

7. Reply Packet

8. NAT Global Properties

9. Object Configuration - Hid NAT

10. Configure Static NAT on the DMZ Server

11. Test the Static NAT Address

12. Configure Hide NAT on the Corporate Network

13. Test the Hide NAT Address

14. Understanding Object NAT and Manual NAT

Checkpoint Network Address Translation

In this video you will be learning the following.

1. Configuring Manual NAT

2. Special Considerations

3. ARP

Checkpoint Network Address Translation - Continued

In this video you will be learning the following

1. Different solutions for providing connectivity between offices

2. Define VPN

3. Understanding Confidentiatility, Integrity and Authenticity

4. Symmetric Vs Asymmetric key cryptography

5. Understanding Source and Message Authentication

6. Diffie Hellman - Key exchange

6. Internet Key Exchange protocol

Checkpoint VPN Concepts

In this video you will learn the following.

1. IPSec VPN Tunnel Establishment process

2. IKE Phase 1 - ISAKMP (Main Mode Vs. Aggressive Mode)

3. IKE Phase 2 - IPSec (QuickMode and PFS)

4. ESP Vs AH

5. Tunnel Rekeying interval

6. Security Associations

Preview 30:06

In this video you will learn the following.

1. Objects needed for VPN Policy

2. Adding VPN Gateways

3. Configuring VPN Domain

4. Defining VPN Community 

5. Configuring VPN Policy

Checkpoint Configuring Site-to-Site VPN
About the Instructor
Sr. Consultant Gopi Venkatesan
3.4 Average rating
7 Reviews
45 Students
1 Course
Sr. Consultant

Quality Beyond Certification


I’ve been certified at some of the highest standards for the quality of my performance at work. I spare no quarter when it comes to delivering high quality services in the required time. Listed below are some of my certifications: 


  • Extreme Networks Certified Instructor
  • Certified Cisco Systems Instructor
  • Checkpoint Certified Security Instructor
  • Certified EC-Council Instructor
  • IPV6 Certified Instructor – Gold
  • Juniper Networks Certified Instructor
  • Checkpoint Certified Security Administrator
  • Checkpoint Certified Security Expert
  • Extreme Networks Certified Expert
  • Cisco Certified Network Expert Written – CCIE (R&S), Security
  • Cisco Certified Network Associate – CCNA
  • Cisco Certified Security Professional – CCSP
  • Information Systems Security Professional – ISSP
  • Certified Wireless Network Associate – CWNA
  • Certified Wireless Security Professional – CWSP
  • Information Technology Infrastructure Library – ITILV3F
  • Comptia Security +
  • Juniper Networks Certified Internet Associate – JNCIA – FW/VPN
  • Juniper Networks Certified Internet Specialist  – JNCIS – FW/VPN
  • Juniper Networks Certified Internet Associate – JNCIA – IDP
  • Juniper Networks Certified Internet Associate – JNCIA – SSL
  • Juniper Networks Certified Internet Associate – JNCIA –DX
  • Juniper Networks Certified Internet Associate – JNCIA –EX
  • Juniper Networks Certified Internet Associate – JNCIA –WX
  • Juniper Networks Certified Internet Associate – JNCIA –ER
  • McAFee EPO , HIPS, SafeBoot , VSE
  • Extreme Certified Expert – Networking
  • Extreme Certified Expert – Access Control
  • Extreme Certified Specialist – Routing
  • Extreme Certified Specialist – Switching
  • Extreme Certified Specialist - NAC


Experience in Expertise


With more than 14+ years of experience in the IT industry I can comfortably say that I know the field and how to go about my business.  Be it designing, Implementation or troubleshooting of Network Technologies, I am totally comfortable in doing it all, even under immense pressure. Given below is a list of other services I am experienced in:


  • Analysis, installation, implementation and troubleshooting of WAN/LAN Projects
  • Corporate experience in various roles of networking.
  • Networking as an Engineer handling WAN, Cisco, Juniper, Fortinet, Watchguard, etc., devices.
  • Technical Audit, Penetration Testing, Vulnerability Assessment.


Professional Prowess


My wide range of professional skills and the experience coupled with my determination alone have resulted in the level of expertise that I possess today.


Senior Security Consultant

  • Maintenance of Cisco PIX Firewalls and VPN Concentrators
  • Maintenance and Monitoring of International links on IP
  • Providing Support to more than 75 branches in EMEA
  • Coordinating with Verizon Business for WAN Connectivity issues.


Network Administrator

  • Providing LAN / WAN Support for the Corporate Network   Management of Infrastructure using Cisco Works 2005
  • Implementing routing protocols RIP, IGRP, Enhance IGRP, OSPF
  • Troubleshooting IOS Routers and PIX Firewalls.
  • Hands on experience with VPN Concentrator 3000 series.
  • Configuring ACS and Restricting Administrative access.
  • Deployment of Packet Filtering Using Different Types of Access Control Lists and Object Grouping.
  • Content Filtering using WebSense, N2H2, ActiveX Filtering, and Java Applets
  • Configuring Cisco router Interfaces, Access-Lists, TCP/IP addresses and   SNM
  • Configuring Access-List, Access-group, Access-Class, Line VTY for Security
  • Configuring WAN Technologies like Frame Relay, PPP and ISDN
  • Control router installations, passwords, identification, backups and upgrades
  • Configuring VLAN in the CISCO 19XX & 29XX-Series Switch
  • Hardware and OS upgrading of Cisco devices.



At Heart’s Core


Over and above all my skills and abilities, there are some core skills that I have completely mastered and perfected. These are the skills that are demanded of me on a regular basis:


Installation and Configuration of

  • Routers – Cisco 1700,2500,2600,3600,Juniper M/T Series
  • RAS – 3COM Total Control
  • Switches – Cisco 3550,2900,1900,Alteon, Extreme, Foundry, Blackbox.
  • Firewall – Netscreen, Cisco PIX, Foundry, Fortigate, Watchguard.
  • Load Balancers – Intel and Cisco.
  • VPN Concentrator – Cisco VPN box, Juniper SSL Box.
  • Wireless – Symbol & Cisco WLC, WMS
  • Cache Engine – Netcache
  • Identity – Cisco ISE, Extreme NAC, Juniper UAC
  • Cisco Prime, Junos Space


Routing Protocols

  • OSPF – Designed, Implemented and Migrated several NOC to the core backbone using OSPF as the IGP.
  • Commissioning & Installation of E1,PRI Links in Backbone


LAN Switching – LAN Switching techniques, VLANs, Ethernet Trunking, VLAN Tagging, VTP and STP.


Technical experience in Network Security Products such as VPN, IDS/IDP solutions and Firewalls


Security Audit and Vulnerability Assessment experience including network attack and penetration testing, host security diagnostics.


Familiarity with risk analysis and mitigation methodology, security policy and procedure development, incident response program, patch management and vulnerability management processes, security training and awareness.


Ability to address confidentiality, integrity and vulnerability of the network and systems and provides the foundation for many risk mitigating activities.


Implementation of network and system security solutions.



Technical Techniques

Be it hardware or Operating Systems, my technical abilities in all these areas are up to global standards and I always aim to give my customers the best in technical support. Listed below are my technical skills:


Hardware Platforms

Routers: Cisco 1700,2500.2600,3600, Juniper M/T Series.

Switches: Catalyst 3550,2900,1900,Alteon,Extreme (black diamond, Alpine, Summit),Foundry and Blackbox.

Netscreen FW 5000 Series, ISG, 500 – A/A.A/P, PIX FW, VPN Concentrator, SSL VPN, Juniper IDP, Cisco IDS, Cisco ASA, Checkpoint.

Operating Systems

Windows NT 4.0/2000 Server & Workstation, Cisco IOS, Cat OS, Finnesse(PIX), Junos , Screen OS, Linux (Basic)


Training: - Security

Some of the Few Key Customers for whom Security Classes (NSM, IDP, Netscreen FW, SSL, PIX, CEH, CHECKPOINT)


Learn by Teaching: I have also conducted many seminars in an around the city as part of my ongoing effort to spread awareness about technology and its practical uses in our day to day life. I am also writing a book on the same. These have been very nourishing experiences as not only have I imparted knowledge through these workshops and seminars, but have learned a great deal too. 1. Workshop on Digital Evidence for “ISACA” Bangalore Chapter 2. Workshop on Firewall Technologies for Dhiragu ISP Maldives

3. Workshop on Wireless Security “ISACA” Chennai Chapter 4. Guest Lecturer for MSC Cybercrime and Information Security and PG Diploma in                                                        Information Security (University of Madras)


Clientele (Most Recent)


Here’s a list of our most recent clients

Mu-Sigma – Extreme Routing and Switching

Mu-Sigma – Extreme Wireless

Mu-Sigma – Extreme Netsight

Rukus – Wirless Technologies

Cisco Systems TAC – Nexus

Cisco Systems TAC – UCS

Cisco Systems TAC – ASA Firewall

Cisco Systems TAC – Routing

Cisco Systems TAC – Switching

Cisco Systems TAC – Collab

Vodafone Bangalore – Juniper SRX

Vodafone Pune – Cisco Switching

Vodafone Pune – SRX

Sungard – Nexus

Intel Bangalore - Extreme

Ramco InfoTech – Netscreen and IDP (Chennai)

Marstech Solutions India P Ltd

Trishla (Juniper Firewall)

ISACA – India (Workshop)

University of Madras – Cybercrime (MSC & PG Diploma)

Indian Bank (Head Office) – Firewall and IPS Evaluation

Hyderabad International Airport – Tech Lead (Security, Wireless)

Bangalore International Airport – Tech Lead (Wireless)

Cybernet Slash Support – Chennai (Juniper SSL)

BSE (Checkpoint)


Element K India Pvt Ltd (MPLS)