Those are my personal notes towards the certification and do not reflect any training from Check Point
For official Information please refer to sk163417.
| Start | 08:30 |
| End | 17:30 |
- Chapter 3: Advanced Gateway Deployment (Continued)
- Chapter 4: Advanced Policy Configuration
- Chapter 5: Advanced User Access Management
- Chapter 6: Custom Thread Prevention
- Chapter 7: Advanced Site-to-Site VPN
Chapter 3: Advanced Gateway Deployment (Continued)
set cluster member admin up
tcpdump -nni ethO port 8116
cphaprob -ia list
show cluster release
Chapter 4: Advanced Policy Configuration
Desktop Security Policy – Computer / User Personal Firewall Rules
Explicite and Implied Rules
Shared Policies
Concurent Policy Installation
Policy Layers
Logical Grouping of one or more of the policy types
Dynamic Objects
create new object
dynamic_objects -n object
create new object with data
dynamic_objects -n object -r 190.160.1.1 190.160.1.40 -a
add range to object
dynamic_objects -o object -r 190.160.1.1 190.160.1.40 -a
update object (create new object if object does not exists)
dynamic_objects -u object -r 190.160.1.1 190.160.1.40
delete range from object
dynamic_objects -o object -r 190.160.1.1 190.160.1.40 -d
dynamic_objects -lo object
Chapter 5: Advanced User Access Management
Identity Awareness Deployment
Chapter 6: Custom Thread Prevention
Core IPS is part of the Gateway.
Anti-Bot is post infection.
Chapter 7: Advanced Site-to-Site VPN
cpu_util all
CPU Total User System Idle
0 2% 0% 2% 98%
1 4% 1% 3% 96%
2 1% 0% 1% 99%
3 1% 0% 1% 99%cpstat os -f cpu
CPU User Time (%): 1
CPU System Time (%): 2
CPU Idle Time (%): 98
CPU Usage (%): 3
CPU Queue Length: -
CPU Interrupts/Sec: 963
CPUs Number: 4nmon
Patrick Marc's Networks 