Check Point Harmony Endpoint Specialist [CCES] R81.20

Install SMS locally on a VM using the clean ISO image for R81.20, verify the minimum hardware requirements, and consult checkpoint documentation for Harmony Endpoint setup.

Install Gaia management server and endpoint management server in a virtual machine from checkpoint ISO, configure memory, storage, and networking, then complete the first-time wizard via the web UI.

Explore VMware workstation networking options—bridged, NAT, host, and custom—focusing on bridged mode that replicates the host network. Understand IP setup like 192.168.1.112 and why a management server IP is preferred.

Navigate the first time configuration wizard, log in with admin credentials, and set IP, gateway, host name, DNS, and time. Select security management only and download Smart Console for licensing.

Learn to use checkpoint smart console, attach licenses, and push changes to the management database. Review endpoint policy management for harmony endpoint with smart endpoint and harmony endpoint web ui.

Deploy an active directory in checkpoint by using organization scanners and add a directory scanner to scan the ldap path and domain controller, then import users into smart endpoint policies.

Upload and deploy client packages by choosing internet or manual download from checkpoint. Install the 1804 20 enterprise endpoint security package via the deployment tab for group policy deployment.

Discover how to export deployment packages with blades, set targeted software deployment rules, install MSI on Windows 10, and verify modules via heartbeat to the smart management server.

Download the Windows initial endpoint client from the web console, then convert the dot exe to msi and run the PowerShell command to create the client.

learn how to uninstall a checkpoint harmony endpoint client from windows via control panel, using the default password secret, and that you can change it in client settings later.

Deploy a Windows msi client across the domain using group policy objects by sharing the msi in a network folder and applying the policy to target machines.

Install the light initial client on a Windows 10 machine from the domain controller. Create a virtual admin group and deploy policies that pull from the management server via heartbeat.

Configure client policy settings in Harmony Endpoint to enforce uninstall password, prevent user deletion, manage policy push and installation, and control module enablement on Windows clients.

Explore host-based and perimeter firewall concepts, configure outbound and inbound policies, block ICMP traffic, test policy installs, and observe policy synchronization with smart endpoint heartbeat.

Learn to use the Harmony endpoint URL filtering blade to block or allow access to websites or groups (games, chats, social networking) via policies, with browser extension support and testing.

Enable the safe search extension to check website reputation in Chrome, view a checkpoint rating for sites, and learn how to install and view a policy within the browser.

Learn how Check Point threat emulation scans file behavior for zero-day attacks, and how threat extraction provides a safe copy while emulation runs, with a Chrome browser extension option.

Deploy and monitor full disk encryption with Check Point Harmony Endpoint by applying data protection policy, selecting either checkpoint encryption or BitLocker, and tracking progress across devices.

Explore Check Point Harmony Endpoint remote access solutions that secure connections to corporate resources via ipsec and ssl vpn, covering client-based and mobile options and office mode.

Review Check Point remote access solutions on the support site at support.checkpoint.com, verify the latest versions and operating system support, and compare capsule workspace, network extender, and endpoint security vpn.

Add a gateway to the smart console and interconnect it with the management server to enable IPsec remote access VPN. Install policy, attach licenses via smart update, and push policy.

Install the Windows remote access client, configure IPsec VPN for client-to-site, define office mode and encryption domains, create users and groups, publish the policy, and troubleshoot routing issues.

Define the encryption domain and vpn domain, modify the remote access community, assign ip addresses via office mode or a manual pool, and verify routing and policy.