Académique Documents
Professionnel Documents
Culture Documents
Checkpoint Firewall
Training
By Vikas Rajpal
Agenda Day1
Introduction
Basics - Network & Security technologies
Why Network security
Type of Threats
Security technologies
Basics on static routing and VLANS
Advance TCP/IP concepts
Review
Question Answer session
Agenda Day2
What is Firewall ?
Why we need firewall.
Different Firewall technologies.
Limitation of firewalls
Review
Question Answer session
Configuring Hide and Static NAT using both Automatic and manual NAT as per defined
security policy.
Verifying the security policy and address translation in Smart view tracker.
Security Policy:-
Internal /LAN users should be able to access internet services through proxy server.
LAN users should be able to access FTP/SMTP/MSTSC though firewall.
Publish internal servers on internet i.e internet users should be able to browse internal resources.
Lab Scenario -2
Scenario -2 Activities
Defining user templates and setting authentication parameters.
Configuring user, client and session authentication using both checkpoint local and active
directory database
Advance Rule base function with object cloning and database revision control.
Security Policy:-
Internal /LAN users should be able to access internet services through proxy server through user, client and session authentication.
LAN users should be able to access FTP/SMTP/MSTSC through firewall module
Publishing of DMZ server on internet i.e. internet users should be able to browse internal resources.
Publishing one of DMZ server on internet with non standard port Original port should be hidden from external users.
Lab Scenario -3
Scenario -3 Activities
Scenario 1 and 2 activities.
Blocking intruder activities through smart view tracker and checking status in smart view monitor.
Security Policy:-
LAN and remote users should be able to access internet through proxy server and directly via firewall.
Corporate users should be able to access the internal resources through internet using IPsec VPN.
Faculty
Vikas Rajpal Consultant presales security at IRIS
5 Years of experience in implementation and designing of end to end security
technologies with various certifications i.e. CCSA, CCSE, CEH, ISO 27001 LA,
Cisco PIX ,VPN & Radware certified.