Skip Ribbon Commands
Skip to main content

CCSE - Check Point Security Engineering


Duration: 3 Days




Delivery Method:

Software Assurance Value:

Microsoft CPE:

Course Information

Course Description

​Check Point Security Engineering (R77 GAiA) is an advanced course that provides you training on how to effectively build, modify, deploy, and troubleshoot Check Point Security systems on the GAiA OS. You will learn about firewall processes, user and kernel processing, and Stateful Inspection. Labs include configuring security gateways, implementing VPNs, and performing advanced troubleshooting tasks on the firewall.

Course Objectives

​Students will learn the skills necessary to work with Check Point Security Engineering featuring R77 GAiA and will gain experience with:

  • Check Point firewall technology
  • Troubleshooting Check Point firewall technology
  • Advanced upgrading concepts and practices
  • Clustering firewall, management concepts, and practices
  • Software acceleration features
  • Advanced VPN concepts and implementations
  • Reporting tools, deployment options, and features

Course Audience

​This course is recommended for Systems Administrators, Network Engineers, Support Analysts and any other IT professional seeking CCSE certification

Course Outline

  1. Perform a backup of a Security Gateway and Management Server using your understanding of the differences between backups, snapshots and update-exports
  2. Upgrade and troubleshoot a Management Server using a database migration
  3. Upgrade and troubleshoot a clustered Security Gateway deployment
  4. Use knowledge of Security Gateway infrastructures, chain modules, packet flow and kernel tables to perform debugs on firewall processes
  5. Build, test, and troubleshoot a ClusterXL Load Sharing deployment on an enterprise network
  6. Build, test, and troubleshoot a ClusterXL High Availability deployment on an enterprise network
  7. Build, test, and troubleshoot a management HA deployment on an enterprise network
  8. Configure, maintain, and troubleshoot SecureXL and CoreXL 
  9. acceleration solutions on the corporate network traffic to ensure noted performance  enhancement
  10. Using an external user database (such as LDAP), configure User Directory to incorporate user information for authentication services on the network
  11. Manage internal and external user access to resources for remote access or across a VPN
  12. Troubleshoot user access issues found when implementing Identity Awareness
  13. Troubleshoot a site-to-site or certificate-based VPN on a corporate gateway using IKE View, VPN log files, and command-line debug tools
  14. Optimize VPN performance and availability by using link selection and multiple entry point solutions
  15. Manage and test corporate VPN tunnels to allow for greater monitoring and scalability with multiple tunnels defined in a community, including other VPN providers
  16. Create events (or use existing event definitions) to generate reports on specific network traffic using SmartReporter and SmartEvent to provide industry-compliance information to management
  17. Troubleshoot report generation given command-line tools and debug-file  information
Hands  On Labs
Lab 1: Upgrade to Check Point R77
Lab 2: Core CLI elements of firewall administration
Lab 3: Migrate to a clustering solution
Lab 4: Configure SmartDashboard to interface with Active Directory
Lab 5: Configure site-to-site VPNS with third-party certificates
Lab 6: Remote access with Endpoint Security VPN
Lab 7: SmartEvent and SmartReporter

Course Prerequisites

Prior to taking this course, it is recommended that learners possess the following:
  • Knowledge of network security
  • An understanding of UNIX and Windows operating systems, certificate management, system administration, networking (TCP/IP)
  • A Check Point Security Administration course or CCSA certification
Course Schedule
This course is not scheduled yet.