ITI551 Virtual Private Network and Firewall Management 1 (8)

This Subject is designed to provide students with the skills and knowledge required to define and configure security policies that enable secure access to information across corporate networks, monitor network security activity and implement measures to block intruder access to networks, set up a site-to-site VPN and implement a remote access VPN with VPN-1 SecureClient or VPN-1 SecuRemote. Students completing this subject will possess the knowledge and expertise to configure VPN-1/FireWall-1 as an Internet security solution and virtual private network (VPN) that securely connects corporate offices and remote workers, protecting information exchange and granting access to network resources.

Subject Outlines
Current CSU students can view Subject Outlines for recent sessions. Please note that Subject Outlines and assessment tasks are updated each session.

No offerings have been identified for this subject in 2018.

Where differences exist between the Handbook and the SAL, the SAL should be taken as containing the correct subject offering details.

Subject Information

Grading System



One session


School of Computing and Mathematics

Enrolment Restrictions

Only for students enrolled in:
Master of Information Systems Security
Master of Management (IT) - MMgtInfoTech
Graduate Certificate in Management (IT) - GradCertMgtInfoTech


ITI500 and ITI581

Learning Outcomes

Upon successful completion of this subject, students should:

- be able to deploy VPN-1/FireWall-1 architecture
- be able to deploy VPN-1/FireWall-1 modules
- be able to deploy VPN-1/FireWall-1 components
- be able to define a security policy using the VPN-1/FireWall-1 Security Dashboard, incorporating the SmartMap
- be able to deploy and manage distributed security gateways using Check Point's SmartUpdate and Secure Internal Communications (SIC) capabilities
- be able to administer and troubleshoot VPN-1/FireWall-1 security policies
- be able to implement network address translation (NAT)
- be able to set up user authentication in a VPN-1/FireWall-1 environment
- be able to define, administer and troubleshoot an active security policy
- be able to improve VPN-1/FireWall-1 performance using a security policy
- be able to create network objects and groups
- be able to perform basic log management operations
- be able to configure anti-spoofing on the firewall
- be able to block intruder from accessing the network
- be able to set up user, client and session authentication in a VPN-1/FireWall-1 environment
- be able to configure and set up network address translation (Static NAT and hide NAT)
- be able to back up critical VPN-1/FireWall-1 information
- be able to uninstall VPN-1/FireWall-1
- be able to install and configure VPN-1/FireWall-1 for enterprise and VPN deployment
- be able to configure and deploy VPN-1 SecuRemote and VPN-1 SecureClient for remote access VPNs
- be able to set up VPN desktop policies for VPN-1 SecureClient and how to use Security Configuration Verification to ensure VPN client security
- be able to use the VPN-1 SecureClient packaging tool for easy software configuration and deployment
- be able to use digital certificates to establish trust relationships in VPN environments
- be able to use SYNDefender to protect against denial of service (DoS) attackes, and content security options, including URL filtering
- be able to define the most common VPN protocols
- be able to define the secure protocols that IPSec supports
- be able to define the differences between 'Transport mode' and 'Tunnel mode'
- be able to define the differences between IKE and manual key VPN
- be able to configure ZyWALL VPN
- be able to determine how many VPN connections that ZyWALL supports
- be able to define what VPN protocols are supported by ZyWALL VPN
- be able to define types of encryption supported by ZyWALL VPN
- be able to plan a ZyWALL-to-ZyWALL VPN configuration
- be able to support Secure Remote Management
- be able to define the difference between 'My IP Address' and 'Secure Gateway IP Address'
- be able to configure ZyWALL with NAT for internal servers
- be able to plan ZyWALL behind a NAT router


This subject will cover the following topics:

Based on Check Point Security Certificate Curriculum


Current Students

For any enquiries about subject selection or course structure please contact Student Central or or phone on 1800 275 278.

Prospective Students

For further information about Charles Sturt University, or this course offering, please contact info.csu on 1800 275 278 (free call within Australia) or enquire online.

The information contained in the 2018 CSU Handbook was accurate at the date of publication: August 2018. The University reserves the right to vary the information at any time without notice.