Scribd
Upload
74 views

CCSAIntroduction PDF

Uploaded by

kingericcantona
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
74 views

CCSAIntroduction PDF

Uploaded by

kingericcantona
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 36

Security Administration

©2012 Check Point Software Technologies Ltd. [PROTECTED] — All rights reserved.
©2013 Check Point Software Technologies Ltd. [Confidential] — For Check Point users and approved third parties
Course Chapters

1. Introduction to Check Point Technology


2. Deployment Platforms
3. Introduction to the Security Policy
4. Monitoring Traffic and Connections
5. Network Address Translation
6. Using SmartUpdate
7. User Management and Authentication
8. Identity Awareness
9. Introduction to Check Point VPNs 3

©2013 Check Point Software Technologies Ltd. [Confidential] — For Check Point users and approved third parties | 2
Introduction to Check Point Technology

Core Systems

 The Check Point core systems:


– SmartConsole
– Security Management Server
– Security Gateway

©2013 Check Point Software Technologies Ltd. [Confidential] — For Check Point users and approved third parties | 3
Introduction to Check Point Technology

SMART

 SmartConsole:
– The SmartCenter GUI, SmartConsole is comprised of several
clients, used to manage the Check Point security environment.

 Security Management Server:


– The Security Management Server stores and distributes
Security Policies to multiple Security Gateways.

 Security Gateway:
– The Security Gateway is the firewalled machine on which the
firewall software is installed, and is based on Stateful
Inspection.
10

©2013 Check Point Software Technologies Ltd. [Confidential] — For Check Point users and approved third parties | 4
Introduction to Check Point Technology

Deployment Considerations

18

©2013 Check Point Software Technologies Ltd. [Confidential] — For Check Point users and approved third parties | 5
Introduction to Check Point Technology

Check Point SmartConsole Clients

 SmartConsole is
comprised of
several clients,
used to manage
the security
environment.

21

©2013 Check Point Software Technologies Ltd. [Confidential] — For Check Point users and approved third parties | 6
Introduction to Check Point Technology

SmartDashboard

 Tabs:
– Firewall
– App Control &
URl Filtering
– DLP
– IPS
– Anti Bot & Anti-
Virus
– Anti Spam and
Mail
– Mobile Access
– IPSec VPN
– QoS
– Desktop
21

©2013 Check Point Software Technologies Ltd. [Confidential] — For Check Point users and approved third parties | 7
Introduction to Check Point Technology

Check Point SmartConsole

 SmartConsole
components can be
accessed from
SmartDashboard.

22

©2013 Check Point Software Technologies Ltd. [Confidential] — For Check Point users and approved third parties | 8
Introduction to Check Point Technology

SmartView Tracker

 SmartView Tracker
is used for
managing and
tracking logs and
alerts.

23

©2013 Check Point Software Technologies Ltd. [Confidential] — For Check Point users and approved third parties | 9
Introduction to Check Point Technology

SmartLog

 SmartLog enables
enterprises to
centrally track log
records.

24

©2013 Check Point Software Technologies Ltd. [Confidential] — For Check Point users and approved third parties | 10
Introduction to Check Point Technology

SmartEvent

 Event correlation
for firewall, IPS,
DLP, endpoints via
a single console.

24-25

©2013 Check Point Software Technologies Ltd. [Confidential] — For Check Point users and approved third parties | 11
Introduction to Check Point Technology

SmartView Monitor

 SmartView Monitor
centrally monitors Check
Point and OPSEC
devices, presenting a
complete visual picture of
changes to gateways,
tunnels, remote users
and security activities.

26-27

©2013 Check Point Software Technologies Ltd. [Confidential] — For Check Point users and approved third parties | 12
Introduction to Check Point Technology

SmartReporter

 SmartReporter
centralizes network
security reporting.

27

©2013 Check Point Software Technologies Ltd. [Confidential] — For Check Point users and approved third parties | 13
Introduction to Check Point Technology

SmartUpdate

 SmartUpdate
delivers automated
software and license
to distributed
security gateways
from a single
management
console.

28

©2013 Check Point Software Technologies Ltd. [Confidential] — For Check Point users and approved third parties | 14
Introduction to Check Point Technology

SmartProvisioning

 SmartProvisioning
provides centralized
administration and
provisioning of
Check Point security
devices via a single
management
console.

29

©2013 Check Point Software Technologies Ltd. [Confidential] — For Check Point users and approved third parties | 15
Introduction to Check Point Technology

SmartEndpoint

 SmartEndpoint is
the management
console for endpoint
clients and their
features.

31

©2013 Check Point Software Technologies Ltd. [Confidential] — For Check Point users and approved third parties | 16
Introduction to Check Point Technology

Security Management Server

 The Security Management Server is used to manage the


Security Policy.
 The Security Management Server maintains the Security
Gateway databases
 Policies are defined using SmartDashboard, and saved on
the Security Management Server

32

©2013 Check Point Software Technologies Ltd. [Confidential] — For Check Point users and approved third parties | 17
Introduction to Check Point Technology

Managing Users in SmartDashboard

32

©2013 Check Point Software Technologies Ltd. [Confidential] — For Check Point users and approved third parties | 18
Introduction to Check Point Technology

SIC Between Security Management Servers


and Components

 SIC among
Security
Management
Servers and
components

36-37

©2013 Check Point Software Technologies Ltd. [Confidential] — For Check Point users and approved third parties | 19
Introduction to Check Point Technology

Security Appliances

 Check Point Security Appliances are integrated hardware


devices that are preinstalled with essential software blades
to produce a comprehensive, turnkey security gateway
solution.

41

©2013 Check Point Software Technologies Ltd. [Confidential] — For Check Point users and approved third parties | 20
Introduction to Check Point Technology

Security Appliances

 Virtualized
– Virtual Systems – Taps the power of
virtualization to consolidate and simplify
security for private clouds.
– Security Gateway Virtual Edition –
Protects virtualized environments and
external networks.
– Virtual Appliance for Amazon Web
Services – Security Gateway for virtual
environments in the Amazon Cloud.
.

44

©2013 Check Point Software Technologies Ltd. [Confidential] — For Check Point users and approved third parties | 21
Introduction to Check Point Technology

Security Software Blades

 Security Gateway Software Blades


– Firewall – Industry’s strongest level of
gateway security and identity awareness

– IPSec VPN – Secure connectivity to


corporate networks for remote users

– Application Control – Application security


and identity control

46

©2013 Check Point Software Technologies Ltd. [Confidential] — For Check Point users and approved third parties | 22
Introduction to Check Point Technology

Security Software Blades

 Security Gateway Software Blades


– URL Filtering – Optimized web security.

– Anti-Bot – Detects bot-infected machines,


prevents bot damage

– Antivirus – Uses ThreatCloud to detect and


blocks malware real-time

46-47

©2013 Check Point Software Technologies Ltd. [Confidential] — For Check Point users and approved third parties | 23
Introduction to Check Point Technology

Security Software Blades

 Security Gateway Software Blades


– Identity Awareness – Granular visibility of
users, groups, and machines access control

– DLP – Preemptively protect sensitive


information

– Web Security – Detects and prevents


attacks launched against the Web
infrastructure

47

©2013 Check Point Software Technologies Ltd. [Confidential] — For Check Point users and approved third parties | 24
Introduction to Check Point Technology

Security Software Blades

 Security Gateway Software Blades


– Anti-Spam & Email Security – Protection
for messaging infrastructure

– Advanced Networking & Clustering –


Simplifies complex network security
deployment and management

– Voice over IP – Deploys secure VoIP


applications

47-48

©2013 Check Point Software Technologies Ltd. [Confidential] — For Check Point users and approved third parties | 25
Introduction to Check Point Technology

Security Software Blades

 Remote Access Solutions


– Mobile Access Software Blade – Safely
connect to corporate applications over
Internet with Smartphone, tablet, or PC

– Endpoint Security with Remote Access –


Secure and seamless access to corporate
networks remotely

– Check Pont GO – Turns any PC into your


corporate desktop

48-49

©2013 Check Point Software Technologies Ltd. [Confidential] — For Check Point users and approved third parties | 26
Introduction to the Security Policy

Security Policy Basics

 The Security Policy is a set of rules that defines your


network security.

63

©2013 Check Point Software Technologies Ltd. [Confidential] — For Check Point users and approved third parties | 27
Introduction to the Security Policy

Managing Objects in SmartDashboard

64

©2013 Check Point Software Technologies Ltd. [Confidential] — For Check Point users and approved third parties | 28
Monitoring Traffic and Connections

SmartView Monitor

 High performance network and security analysis

94

©2013 Check Point Software Technologies Ltd. [Confidential] — For Check Point users and approved third parties | 29
Monitoring Traffic and Connections

SmartView Monitor – Customized Views

 Create views based on your specific needs, such as:


– Status
– Traffic
– System stats
– Tunnels

95

©2013 Check Point Software Technologies Ltd. [Confidential] — For Check Point users and approved third parties | 30
Monitoring Traffic and Connections

Tunnel View

 Monitor the health of your VPN tunnels

96

©2013 Check Point Software Technologies Ltd. [Confidential] — For Check Point users and approved third parties | 31
Monitoring Traffic and Connections

Remote Users View

 Keep track of your VPN remote users

97

©2013 Check Point Software Technologies Ltd. [Confidential] — For Check Point users and approved third parties | 32
Introduction to Check Point VPNs

The Check Point VPN

191

©2013 Check Point Software Technologies Ltd. [Confidential] — For Check Point users and approved third parties | 33
Introduction to Check Point VPNs

Site-to-Site VPN

 Strong encryption
 Reliable
 Scalable

192

©2013 Check Point Software Technologies Ltd. [Confidential] — For Check Point users and approved third parties | 34
Introduction to Check Point VPNs

Remote-Access VPN

 Strong
authentication

 Centralized
Management

 Scalable

193

©2013 Check Point Software Technologies Ltd. [Confidential] — For Check Point users and approved third parties | 35
Security Administration

©2012 Check Point Software Technologies Ltd. [PROTECTED] — All rights reserved.
©2013 Check Point Software Technologies Ltd. [Confidential] — For Check Point users and approved third parties

You might also like