This Subject is designed to provide students with the skills and knowledge required to define and configure security policies that enable secure access to information across corporate networks, monitor network security activity and implement measures to block intruder access to networks, set up a site-to-site VPN and implement a remote access VPN with VPN-1 SecureClient or VPN-1 SecuRemote. Students completing this subject will possess the knowledge and expertise to configure VPN-1/FireWall-1 as an Internet security solution and virtual private network (VPN) that securely connects corporate offices and remote workers, protecting information exchange and granting access to network resources.
No offerings have been identified for this subject in 2019.
SY/US
One session
School of Computing and Mathematics
Only for students enrolled in:
Master of Information Systems Security
Master of Management (IT) - MMgtInfoTech
Graduate Certificate in Management (IT) - GradCertMgtInfoTech
ITI500 and ITI581
- be able to deploy VPN-1/FireWall-1 architecture
- be able to deploy VPN-1/FireWall-1 modules
- be able to deploy VPN-1/FireWall-1 components
- be able to define a security policy using the VPN-1/FireWall-1 Security Dashboard, incorporating the SmartMap
- be able to deploy and manage distributed security gateways using Check Point's SmartUpdate and Secure Internal Communications (SIC) capabilities
- be able to administer and troubleshoot VPN-1/FireWall-1 security policies
- be able to implement network address translation (NAT)
- be able to set up user authentication in a VPN-1/FireWall-1 environment
- be able to define, administer and troubleshoot an active security policy
- be able to improve VPN-1/FireWall-1 performance using a security policy
- be able to create network objects and groups
- be able to perform basic log management operations
- be able to configure anti-spoofing on the firewall
- be able to block intruder from accessing the network
- be able to set up user, client and session authentication in a VPN-1/FireWall-1 environment
- be able to configure and set up network address translation (Static NAT and hide NAT)
- be able to back up critical VPN-1/FireWall-1 information
- be able to uninstall VPN-1/FireWall-1
- be able to install and configure VPN-1/FireWall-1 for enterprise and VPN deployment
- be able to configure and deploy VPN-1 SecuRemote and VPN-1 SecureClient for remote access VPNs
- be able to set up VPN desktop policies for VPN-1 SecureClient and how to use Security Configuration Verification to ensure VPN client security
- be able to use the VPN-1 SecureClient packaging tool for easy software configuration and deployment
- be able to use digital certificates to establish trust relationships in VPN environments
- be able to use SYNDefender to protect against denial of service (DoS) attackes, and content security options, including URL filtering
- be able to define the most common VPN protocols
- be able to define the secure protocols that IPSec supports
- be able to define the differences between 'Transport mode' and 'Tunnel mode'
- be able to define the differences between IKE and manual key VPN
- be able to configure ZyWALL VPN
- be able to determine how many VPN connections that ZyWALL supports
- be able to define what VPN protocols are supported by ZyWALL VPN
- be able to define types of encryption supported by ZyWALL VPN
- be able to plan a ZyWALL-to-ZyWALL VPN configuration
- be able to support Secure Remote Management
- be able to define the difference between 'My IP Address' and 'Secure Gateway IP Address'
- be able to configure ZyWALL with NAT for internal servers
- be able to plan ZyWALL behind a NAT router
Based on Check Point Security Certificate Curriculum
For further information about courses and subjects outlined in the CSU handbook please contact:
The information contained in the CSU Handbook was accurate at the date of publication: May 2019. The University reserves the right to vary the information at any time without notice.