Please enable JavaScript.
Coggle requires JavaScript to display documents.
Checkpoint CSSA Main topics (Chapter 9: Introduction to Check Point VPNs,…
Checkpoint CSSA Main topics
Chapter 1: Introduction to Check Point Technology
Securing Channels of Communication
Secure Internal Communication
Testing the SIC Status
Resetting the Trust State
Security Management Server
Managing Users in SmartDashboard
Users Database
DeploymentConsiderations
:
Standalone Deployment
Distributed Deployment
Standalone Full HA
Bridge Mode
Check Point SmartConsole Clients
SmartDashboard
Smartview Tracker
SmartLog
SmartEvent
SmartView Monitor
SmartReporter
SmartUpdate
SmartProvisioning
SmartEndpoint
Security Gateway Inspection Architecture
INSPECT Engine Packet Flow
Chapter 2: Deployment Platforms
Add and Delete Administrators via the CLI
Perform Backup and Restore
Chapter 3: Introduction to the Security Policy
Security Policy Basics
The Rule Base
Managing Objects in SmartDashboard
SmartDashboard and Objects
Object-Tree Pane
Objects-List Pane
Object Types
Rule Base Pane
Creating the Rule Base
Basic Rule Base Concepts
Delete Rule
Basic Rules
Implicit/Explicit Rules
Control Connections
Detecting IP Spoofing
Configuring Anti-Spoofing
Policy Management and Revision Control
Policy Package Management
Database Revision Control
Chapter 4: Monitoring Traffic and Connections
SmartView Tracker
Log Types
SmartView Tracker Tabs
Action Icons
Log-File Management
Administrator Auditing
Global Logging and Alerting
Time Setting
Blocking Connections
SmartView Monitor
Customized Views
Gateway Status View
Traffic View
Tunnels View
Remote Users View
Cooperative Enforcement View
Monitoring Suspicious Activity Rules
Monitoring Alerts
Gateway Status
Overall Status
Software Blade Status
Displaying Gateway Information
Chapter 5: Network Address Translation
Introduction to NAT
IP Addressing
Hid NAT
Choosing the Hide Address in Hide NAT
Static NAT
Original Packet
Reply Packet
NAT Global Properties
Object Configuration - Hid NAT
Hide NAT Using Another Interface
Static NAT
Manual NAT
Configuring Manual NAT
Special Considerations
ARP
Chapter 6: Using SmartUpdate
SmartUpdate and Managing Licenses
SmartUpdate Architecture
SmartUpdate Introduction
Overview of Managing Licenses
License Terminology
Upgrading Licenses
Retrieving License Data from Security Gateways
Adding New Licenses to the License & Contract Repository
Importing License Files
Adding License Details Manually
Attaching Licenses
Detaching Licenses
Deleting Licenses From License & Contract Repository
Installation Process
Viewing License Properties
Checking for Expired Licenses To Export a License to a File
Chapter 7: User Management and Authentication
Security Gateway Authentication
Types of Legacy Authentication p. 142
Authentication Schemes p. 143
Remote User Authentication p. 145
Authentication Methods p. 146
User Authentication
User Authentication Rule Base
Considerations
Session Authentication
Configuring Session Authentication
Client Authentication
Client Authentication and Sign-On Overview
Sign-On Methods
Wait Mode
Configuring Authentication Tracking
LDAP User Management with UserDirectory
LDAP Features
Distinguished Name
Multiple LDAP Servers
Using an Existing LDAP Server
Configuring Entities to Work with the Gateway
Defining an Account Unit
Managing Users
UserDirectory Groups
Chapter 8: Identity Awareness
Introduction to Identity Awareness
AD Query
Browser-Based Authentication
Identity Agents
Deployment
Sources
AD Query (seamlessly from AD)
Broweser-Based Authentication ()
Captive Portal
Transparent Kerberos Authentication
Identity Agent
Terminal Server Identity Agent
Endpoint Identity Agent (auth with SSO)
Types
Full
Light
Terminal Server
Custom
Remote Access
Chapter 9: Introduction to Check Point VPNs
VPN Deployments
Site-to-Site VPNs
Remote-Access VPNs
VPN Implementation
VPN Setup
Understanding VPN Deployment
VPN Communities
Remote Access Community
VPN Topologies
Meshed VPN Community
Star VPN Community
Choosing a Topology
Combination VPNs
Topology and Encryption Issues
Special VPN Gateway Conditions
Authentication Between Community Members
Domain and Route-Based VPNs
Domain-Based VPNs
Route-Based VPN
Access Control and VPN Communities
Accepting All Encrypted Traffic
Excluded Services
Special Considerations for Planning a VPN Topology
Integrating VPNs into a Rule Base
Simplified vs. Traditional Mode VPNs
VPN Tunnel Management
Permanent Tunnels
Tunnel Testing for Permanent Tunnels
VPN Tunnel Sharing
Remote Access VPNs
Multiple Remote Access VPN Connectivity Modes
Establishing a Connection Between a Remote User and a Gateway