Description
Who should attend
Cloud Architects, Security Experts, and Network Administrators requiring in-depth knowledge of CloudGuard Network Security products.
Prerequisites
- Working knowledge of Unix and Windows operating systems, certificate management, system administration, and networking.
- Completed CCCS Training or Certification.
- Completed CCSE Training or Certification.
Course Objectives
- Discuss AWS Platform Components and their relationship to Check Point CloudGuard Network Security.
- Explain how to maintain a secure, efficient, and stable cloud environment.
- Describe the components and constraints of a hub and spoke security environment.
- Describe the function of the Cloud Management Extension.
- Explain the purpose of identity and access controls and constraints in different cloud platforms.
- Explain the steps required to configure Identity and Access controls in AWS.
- Describe the purpose and function of the CloudGuard Controller, its processes, and how it is tied to the Identity Awareness feature.
- Explain how to design and configure Cloud Adaptive Policies.
- Discuss the purpose and function of Data Center Objects.
- Describe the function and advantages of Cloud Service Provider (CSP) automation templates for instance and resource deployments.
- Explain how CSP templates can be used for maintenance tasks in the cloud environment.
- Discuss Third-Party Automation tools, how they can simplify deployment and maintenance tasks, and the constraints associated with them.
- Discuss Scaling Solutions and Options for Cloud Environments.
- Explain the Scaling Options in AWS.
- Describe the workflow for configuring scaling solutions in AWS.
- Discuss how ClusterXL operates and what elements work together to permit traffic failover.
- Explain how ClusterXL functions differently in a Cloud Environment.
- Describe how clusters are created and function in AWS.
- Discuss the elements involved in Hybrid Data Center deployments, the advantages of them, and the constraints involved.
- Explain the nature of a “Greenfield” deployment, the advantages of it, and the constraints involved.
- Describe the components and constraints involved in deploying a Disaster Recovery Site in the cloud.
- Discuss the steps required for troubleshooting automation in AWS.
- Explain the steps required for troubleshooting Scaling Solution issues in AWS.
- Describe the steps required for troubleshooting clusters in AWS.
Outline: Check Point Cloud Network Security Expert – AWS (CNSE-AWS)
- Create an SSH Key Pair.
- Create a VPC.
- Deploy an SMS.
- Connect to SmartConsole.
- Review the IAM Role.
- Configure the Cloud Management Extension.
- Configure the Access Control Policy.
- Create the AWS Data Center Object.
- Create Access Control Policy with a Data Center Object.
- Create the AWS VPC Spokes.
- Deploy the Web Servers into the Spoke VPCs.
- Create the AWS Auto Scale Deployment.
- Create the External and Internal Load Balancers.
- Create the VPC for the Auto Scale Deployment.
- Create the VPC Peers.
- Deploy the CloudGuard Cluster Template.
- Create the AWS VPN Gateway.
- Configure the Tunnel Interfaces.
- Configure the Static Routes.
- Configure the Network Objects.
- Configure the VPN Community.
- Configure the Security Policy.
- Test the Traffic.
- Troubleshoot the CloudGuard Controller.
- Debug the CloudGuard Controller.
- Debug the Cloud Management Extension.