Name: Checkpoint Firewall Home-Lab | CCSA and Beyond
Rating: 4.8 (9 reviews)

Udemy Business

Teach on Udemy

Turn what you know into an opportunity and reach millions around the world.

Learn More

Your cart is empty.

Keep shopping

Created byRajneesh Gupta, Jaimin Pathak

Last updated 4/2024

English

What you'll learn

Gain a comprehensive understanding of Checkpoint Firewall, from its architecture to key features.
Explore the various blades offered by Checkpoint Firewall and their functionalities.
Learn how to configure and manage interfaces within Checkpoint Firewall.
Understand the importance of Secure Internal Communication (SIC) and how to implement it.
Streamline firewall management through effective utilization of objects.
Configure and manage Checkpoint IPS (Intrusion Prevention System) policies.
Set up High Availability (HA) clusters for continuous network protection.
Explore real-world use cases and scenarios to apply learned concepts in practical situations.

Course content

7 sections • 36 lectures • 3h 17m total length

Checkpoint Firewall Architecture3:03
Explore how checkpoint firewall enhances network security with stateful inspection, unified threat management, and a centralized management console—security management server, security gateway, and smart console.
Checkpoint Blades4:53
Explore Checkpoint blades, a modular gateway delivering firewall, IPsec VPN, mobile access, application control, dual filtering, DLP, IPS/IDS, antivirus, Threat Cloud, sandboxing, identity awareness, and content awareness to tailor security.
Checkpoint Firewall deployment Modes1:34
Explore checkpoint firewall deployment modes: standalone, distributed, cluster access, and virtual firewall mode, with cloud integration and seamless on-prem and cloud policy consistency for scalability and fault tolerance.
Checkpoint Interfaces2:49
Learn checkpoint interface types such as internet physical interfaces, aliases, LAN or VLAN segmentation on a single interface, plus concepts like bridge mode, loopback, IPv6 over IPv4 tunneling, and PPPoE.
Checkpoint SIC1:45
Explore how Checkpoint security gateways and security management servers establish trust through one-time passwords, certificates, TLS, and AES-128 encryption to securely connect and manage gateways.
Security Rules3:28
Security rules enforce an access control policy to regulate traffic between network segments, using source and destination IPs, ports, and protocols, while inspecting for threats and enabling blocking or alerting.
Objects1:26
Discover what an object is in a security policy and how it represents a network element, service, or user, with types including network, service, user-based, and time interval objects.
High Availability2:00
Explore high availability with checkpoint firewalls deployed in a pair, featuring continuous synchronization of configurations and session state, seamless automatic failover, load balancing, fault detection to minimize outages.

Home-Lab Design1:50
Design a home-lab network with a Check Point gateway, Check Point SMS, and a smart console, detailing subnets 192.168.1.0/24 for gateways, 10.0.2.0/24 for the DMZ and 10.0.3.0/24 for headquarters.
Virtualbox Installation and Adapter settings3:07
Learn to install the checkpoint gateway in Oracle VirtualBox manager and configure host-only networks DMZ, public network, and workstation with matching IPs and subnets; download link included.
Checkpoint Gateway Installation13:47
Install the checkpoint gateway with Gaia in a standalone setup. Configure a static IP, such as 192.168.1.111, and complete the first-time configuration wizard via the web UI.
Checkpoint SMS Installation21:36
Install Checkpoint gateway and SMS in Oracle VirtualBox. Configure network adapters (DMZ, public, headquarters) with correct IPs, mount the ISO, and access the SMS web UI to manage blades.
Adding Checkpoint Gateway to SMS5:25
Learn to add a Spartan gateway to the smart management station, configure details and activation key, establish secure communication, fetch topology, publish changes, and apply licensing later.
Installing All-in-One License for SMS11:33
Install and activate a 30-day free Checkpoint license from the user center, generate a central license, and apply it to the smart management station to protect the network.
Installing All-in-One License for Gateway3:39
Attach a license to the Spartan gateway via the management station, using the license file downloaded from the user center, then activate features like firewall monitoring and IPsec VPN.

Security Policy Overview2:39
Explore how security policy controls access, inspects traffic with deep packet inspection, and enables application-aware, granular policies for vpn usage, with logging and monitoring for auditing.
Allow SSH and HTTP Traffic9:20
Create an access control policy to allow ssh and http/https traffic, define source, destination, and services, and place the rule above the cleanup drop rule; verify with the smart console.
Time-based Security Policy6:04
Implement time based security policies to achieve granular control, reduce risk, and meet compliance requirements such as PCI DSS and HIPAA by restricting access to specific hours and recurring schedules.
Section and inline Layers2:14
Explore inline layers as independent sub policies in a rule base, with a parent rule and sub rules, and see how sections group rules by management, VPN, and DMZ.
Policy Packages5:03
Explore policy packages that group access control, nat rules, app and url filtering, content awareness, endpoint security vpn remote access, threat prevention such as ips, antivirus, and https inspection.

Checkpoint IPS5:07
Checkpoint IPS provides real time threat prevention and intrusion detection, integrated with the smart console and gateway, with continuous threat intelligence updates and the latest signature updates.
Threat Prevention and Threat Emulation Explained3:22
Explore threat prevention and threat emulation, including sandboxing, unified security management, and real-time threat intelligence from global feeds to detect and block threats.

Allow uploading of credit cards numbers by finance and only over HTTPS6:53
Enforce encryption for credit card submissions with a content awareness blade and deep packet inspection, creating a finance-only https rule to detect PCI credit card numbers and secure data flow.
Block High-Risk Applications4:25
Enable application control and URL filtering, then create a high-risk application block rule to drop and log prohibited traffic, publish changes, and install the policy on the gateway.
Block downloading of sensitive medical information.6:11
Block downloading of sensitive medical information using content awareness to enforce HIPAA compliance, by creating a content awareness layer, labeling HIPAA content, and dropping matching traffic in the security policy.
Block some categories2:41
Block categories with application control in the smart console at the application layer to drop point-to-point file sharing and social networking, using a new rule with approvals in off hours.
Allow IT department Remote admin5:28
Enforce secure remote administration for the IT department with an application control rule that allows the remote admin app only during working hours (10 a.m.–6 p.m.) and via VPN.
Allow Facebook for HR4:59
Configure checkpoint application control to allow Facebook for the HR group by creating an application or site rule in the smart console, including URL filtering and logging.
Manager needs Audit Report for TikTok Application3:23
Monitor all TikTok traffic with application control, log events, export the audit report to Excel or CSV, and submit to the manager.
Block the download of executable files4:56
Block downloads of executable files using content awareness by configuring a policy layer, enabling the gateway blade, and publishing the policy to log attempts and notify users.
Create https inspection rule for Microsoft domain3:58
Create an https inspection bypass rule for Microsoft domains to prevent deep packet inspection, using the checkpoint smart console and security policy to exclude them from https inspection.
Storage Exceeded5:21
Cover storage overflow on checkpoint firewalls, outline risks above 90%, and explain freeing space by deleting old temporary and log files via expert mode and df -h filtering.
Defend “PHP attack”20:22
Execute a live PHP attack from Kali Linux against a Metasploitable host and observe how the Check Point firewall prevents the intrusion with IPS and logs.

Requirements

Basic understanding of networking concepts and protocols.
Familiarity with general IT terminology and principles.
Access to a computer with internet connectivity for accessing course materials and setting up the Home Lab environment.
Willingness to learn and explore Checkpoint Firewall concepts and configurations.
No prior experience with Checkpoint Firewall is required, but a willingness to engage in hands-on practice is encouraged.

Description

Welcome to the ultimate guide to Checkpoint Firewall, where you'll journey from the fundamentals to advanced applications, all from the comfort of your own home. This comprehensive course is designed to equip you with the skills needed to deploy, configure, and manage Checkpoint Firewalls, from understanding its architecture to implementing high availability solutions. Whether you're aiming to become Checkpoint Certified Security Administrator (CCSA) or looking to enhance your network security expertise, this course provides the knowledge and practical experience you need.

Introduction to Checkpoint Firewall : In this section, you'll delve into the core concepts of Checkpoint Firewall. Learn about its deployment models, architectural components, blade modules, interface configurations, and strategies for ensuring high availability. By understanding these fundamentals, you'll lay a solid foundation for advanced topics in the subsequent sections.
Setting up Home Lab with Gateway and Management Server: Get hands-on experience by setting up your own home-lab environment with Checkpoint Firewall. Walk through the process of deploying a gateway and configuring a management server, enabling you to practice various configurations and scenarios in a safe and controlled environment. Gain practical skills that you can directly apply to real-world scenarios.
Use Cases: Explore real-world use cases and scenarios where Checkpoint Firewall shines. From network segmentation to threat prevention and VPN configurations, you'll discover how Checkpoint Firewall can be leveraged to address diverse security challenges. Gain insights into best practices and strategies for optimizing Checkpoint Firewall deployments based on specific organizational needs.

Whether you're a security professional seeking certification or an IT enthusiast looking to expand your knowledge, this course provides the guidance and resources you need to excel in the world of Checkpoint Firewall. Unlock new opportunities and take your network security skills to the next level with Checkpoint Firewall Home-Lab | CCSA and Beyond.

Who this course is for:

Network administrators seeking to enhance their skills in firewall management.
IT professionals aspiring to become Checkpoint Certified Security Administrators (CCSA).
Cybersecurity analysts interested in bolstering their knowledge of firewall technologies.
System administrators responsible for network security within their organizations.
Security engineers aiming to deepen their understanding of Checkpoint Firewall.
IT consultants looking to expand their expertise in network security solutions.
Students pursuing degrees or certifications in cybersecurity or network administration.

What you'll learn

Explore related topics

Course content

Introduction to Checkpoint Firewall8 lectures • 21min

Setting up Home-Lab7 lectures • 1hr 1min

Security Policy5 lectures • 25min

Network Address Translation(NAT)1 lecture • 5min

Bridge Mode and VLAN Deployment2 lectures • 8min

Threat Prevention, IPS, and ThreatEmulation Blades2 lectures • 8min

Real-World Scenarios11 lectures • 1hr 9min

Requirements

Description

Who this course is for: