发信人: hnyjchuhong(楚泓)
整理人: firphoenix(2001-11-28 14:12:07), 站内信件
|
Checkpoint認證簡介
What is Checkpoint?
Check Point Software Technologies Ltd. is the leader in securing the Internet. The flagship of the company's Network Security product line, FireWall-1is the award-winning enterprise security suite that integrates access control, authentication, encryption, network address translation, content security and auditing. The suite is extended by OPSEC framework which provides integration and enterprise management for FireWall-1 and many third-party security applications. Other CHECK POINT offerings in the Network Security product line include: 1) the VPN-1 family of virtual private networking solutions, a broad range of flexible software- and hardware-based VPN solutions that can be implemented across multiple platforms, integrated into an overall enterprise security policy and managed from a single central management console, and 2) Provider-1, a comprehensive, carrier-class management solution for Managed Service Providers that lowers service delivery costs by providing the ability to manage multiple security policies from a single point.
In addition to security solutions, Checkpoint offers solutions for traffic control and IP address management. FloodGate-1 is a policy-based bandwidth management solution that alleviates traffic congestion on oversubscribed Internet and Intranet links. The flagship product of the company's Traffic Control product line, FloodGate-1 enables organizations to define and manage enterprise-wide policies that precisely control valuable bandwidth resources to optimize network performance and alleviate network congestion. The IP Address Management line includes Meta IP, which provides centralized management and distributed administration of enterprise-scale IP network infrastructures. Meta IP is a tightly integrated suite consisting of a flexible and easy-to-use enterprise management service, standards-based IP network services (Dynamic DNS, DHCP and RADIUS), and an open and distributed LDAP data store. These components provide seamless, fault tolerant IP services to every user and device connecting to the network and enable the control of IP addresses, network devices and IP services, and the protection of the infrastructure from catastrophic failure.
Behind the scene are the proprietary technologies invented by Checkpoint. STATEFUL INSPECTION is the de facto standard in network security technology. It provides accurate and highly efficient traffic inspection with full application-layer awareness to deliver the highest level of security and performance. Because Stateful Inspection does not require a separate proxy to secure every service, customers experience higher performance, scalability, and the ability to support new and custom applications much more quickly than with older architectures. INTELLIGENT QUEUING ENGINE is a revolutionary new technology that enables organizations to define highly granular levels of traffic classification, queuing, and scheduling by dynamically controlling entire classes of traffic, not just individual connections. A core technology component of the FloodGate-1 policy-based bandwidth management solution, the IQ Engine™ intelligently and actively allocates available bandwidth for specified Internet services, users, groups or designated network resources. USER-TO-ADDRESS MAPPING is a component of Meta IP that provides network administrators with the associations between: user login name, dynamically-assigned IP address, computer host name and network interface card MAC address. With this information, administrators can connect all pieces of the puzzle to obtain a clear picture of IP address usage within an organization. Binding user information from Windows NT user authentication or Meta IP's Remote Authentication Dial-In User Service (RADIUS) with TCP/IP configuration information from DHCP leases, enables managers to instill a greater level of accountability into a dynamic environment.
Checkpoint Certification Paths
Checkpoint certification offers a choice of different tracks based on the different product offers. Each track leads to a certification in a different area of expertise.
Certifications include:
Check Point Certified Security Administrator CCSA is the foundation training on Check Point's industry leading VPN-1/FireWall-1 product. According to Checkpoint: CCSAs offer valuable assistance to their employers or customers by ensuring the company receives a firewall implementation that enables secure access to information across the network. By completing training and certification, you will have the skills to set up basic firewall policies and troubleshoot systems to ensure they are working efficiently. The Certified Security Administrator designation indicates you are able to:
Install VPN-1/FireWall-1
Configure VPN-1/FireWall-1for firewall functionality
Use the VPN-1/FireWall-1 GUI interfaces: Security Policy, Log Viewer, and System Status
Apply Network Address Translation (NAT) rules in firewall configurations
Authenticate users with VPN-1/FireWall-1
Check Point Certified Security Engineer CCSE is the in depth training on VPN-1/FireWall-1, and is the next step after the completion of CCSA certification. According to Checkpoint: Check Point Certified Security Engineers posses in depth knowledge for establishing and managing VPNs with Check Point's VPN-1/FireWall-1 and are trained on implementing complex installations of VPN-1/FireWall-1. By preparing for and achieving this certification, you will gain knowledge of:
Setting up tracking within VPN-1/FireWall-1
Server Load Balancing
Content Security
Encryption schemes used by VPN-1FireWall-1
SecureRemote and Secure Client for the benefit of remote access using a VPN
Defining a desktop policy and using the policy server
Modifying attack detection parameters
Check Point Certified Addressing Engineer CCAE is designed for professionals who work with Check Point's Meta IP. According to Checkpoint: Check Point Certified Addressing Engineer certification is a product focused certification designed to give professionals the skills to manage Check Point's Meta IP. As a CCAE you will be able to integrate Meta IP into your corporate network to streamline the management of your IP address infrastructure. CCAE certification gives you the skills to:
Configure policy based network management for user centric networks
Structure automated IP address allocation
Grant different levels of access control and permissions on a user by user or group by group basis
Configure user to address Mapping for next generation applications
Install Meta IP or upgrading to Meta IP
Configure Meta IP using the Meta IP Manager
Track user log-ons and log-offs using DNS
Interface UAM and UAT with VPN-1/FireWall-1
Structure load balancing with Meta IP's Load Balancer
Troubleshoot Meta IP, DNS and DHCP
Check Point Certified Quality of Service Engineer CCQE is designed for administrators and engineers working with FloodGate-1. According to Checkpoint: CCQE certification gives you the skills and knowledge required to implement and to manage Check Point's FloodGate-1. Skills covered by this certification include how to:
Install FloodGate-1
Navigate FloodGate-1
Use the integrated FloodGate-1 GUI with VPN-1/FireWall-1
Create the Standard Policy
Learn to use network objects manager and the services and resources manager
Use Real-Time Monitor for real-time observation of network traffic, either by network object or by services
Configure a Bandwidth Policy for all traffic on the network
Training and Exams:
Official Checkpoint certification courses are offered through various Authorized Training Centers. You can visit: www.checkpoint.com/atc for training partner locations.
All Check Point exams are composed of multiple choice questions and true/false questions. Students are given 90 minutes to complete exams. The total number of points that can be achieved on an exam is 100. The cut score is 70. You may visit VUE’s web site for further information on test registration: http://www.vue.com/it/
|
|