Check Point NGX Security Administration on Nokia IP Security

4 Day Course
Hands On
Official Check Point Curriculum

Book Now - 1 Delivery Method Available:

Scheduled Online Onsite


Instructor-led course, which covers configuring and implementing Check Point NGX on Nokia IP Security Platforms. The course provides the information and experience necessary to deploy and manage Internet firewalls on the Nokia family of security products. Hands-on exercises enable students to demonstrate a thorough knowledge of the platform operations, effectively configure security policies, and successfully deploy Internet security solutions.

Who should attend?

This course is designed for those people who will be responsible for the installation, implementation or maintenance of a Checkpoint NGX - protected site using a Nokia Security Appliance, including Systems administrators, security managers and network engineers who manage Checkpoint NGX gateway deployments, as well as those who seek Nokia Security Administrator (NO0-002) and/or CCSA NGX, #156-215.1 certifications.


Delegates attending this course will be able to:

Define Nokia Security Platform features and routing terminology
Identify the fundamental design considerations for the Nokia IP Security Platform
Deploy VPN-1 NGX modules and components
Define a security policy using the VPN-1 NGX Security Dashboard, incorporating the SmartMap
Implement network address translation (NAT)
Set up user authentication in a VPN-1 NGX environment
Enable high availability using Virtual Router Redundancy Protocol (VRRP)
Use troubleshooting tools and administrative procedures

Training Partners

We work with the following best of breed training partners using our bulk buying power to bring you a wider range of dates, locations and prices.


Hide all

Topics covered: (18 topics)

  • Identify overall features and benefits of the NSP line.
  • Review the Nokia IPSO design and file structure.
  • Execute the initial setup process of an NSP.
  • Describe the tools available to monitor the status of an NSP.
  • Configure SSH and SSL.
  • Describe the architecture of VPN-1 NGX.
  • Create and modify an NGX Security Policy.
  • Configure and use SmartView Tracker and SmartView Monitor.
  • Configure and use SmartDefense.
  • Configure Hide and Static Network Address Translation (NAT).
  • Explain encryption for VPNs, comparing and contrasting common encryption methods.
  • Configure User, Client, and Session Authentication.
  • Implement LDAP and integrate it with an NGX SmartCenter Server.
  • Select the appropriate backup strategy to meet disaster-recovery requirements.
  • Use NGX upgrade tools and SmartUpdate to upgrade to NGX.
  • Maintain an NSP, installing, upgrading, and backing up Nokia components.
  • Determine the licensing process for VPN-1 NGX.
  • Configure VRRP and SVRRP.

Exercises: (21 topics)

  • Integrate an NSP into an existing network.
  • Configure an NSP using Nokia Network Voyager.
  • Monitor and report statistical information regarding the status of an NSP.
  • Enable SSH and configure SSH options.
  • Configure SSL/TLS communication using Voyager.
  • Configure an NGX Security Gateway for a distributed environment.
  • Implement a distributed installation of VPN-1 NGX.
  • Launch Check Point's SmartDashboard and verify Internal Certificate Authority configuration.
  • Use SmartDashboard to define network objects and groups.
  • Set up anti-spoofing parameters on an NGX gateway object.
  • Use Check Point's SmartMap to convert the logical layout of an organization into a graphical schematic.
  • Configure an NGX Rule Base for proper network functionality, based on specific requirements.
  • Use NGX object cloning to create cloned objects.
  • Use Database Revision Control to save an NGX Security Policy into several versions.
  • Use Check Point's SmartView Monitor to block a malicious user's network activities.
  • Enforce the Suspicious Activity Rule (SAM Rule) with SmartView Monitor.
  • Identify changes in NGX system status, using SmartView Monitor.
  • Configure Check Point's SmartDefense to detect port scans and multiple connection attempts.
  • Enable Hide and Static NAT on a network.
  • Demonstrate the math and mechanics that go into encrypted communication.
  • Create an NGX user template to add users.


Persons attending this course should have a working knowledge of internetworking concepts and an understanding of TCP/IP, network addressing and subnet masks. They should also have knowledge of basic router concepts as they relate to Layer 3 of the OSI model, including RIPv1 and v2, and static routes. Basic knowledge of networking concepts and topologies, and an understanding of the OSI model is required.

Additional Learning

The courses below may help you meet the knowledge level required to take this course. If you are unsure please ask a training advisor .

or call:408-759-5074

Course PDF


Share this Course


Recommend this Course