Check Point NGX Security Administration on Nokia IP Security

4 Day Course
Hands On
Official Check Point Curriculum

This course has been retired. Please view currently available Check Point Training Courses.


Collapse all

Topics covered: (18 topics)

  • Identify overall features and benefits of the NSP line.
  • Review the Nokia IPSO design and file structure.
  • Execute the initial setup process of an NSP.
  • Describe the tools available to monitor the status of an NSP.
  • Configure SSH and SSL.
  • Describe the architecture of VPN-1 NGX.
  • Create and modify an NGX Security Policy.
  • Configure and use SmartView Tracker and SmartView Monitor.
  • Configure and use SmartDefense.
  • Configure Hide and Static Network Address Translation (NAT).
  • Explain encryption for VPNs, comparing and contrasting common encryption methods.
  • Configure User, Client, and Session Authentication.
  • Implement LDAP and integrate it with an NGX SmartCenter Server.
  • Select the appropriate backup strategy to meet disaster-recovery requirements.
  • Use NGX upgrade tools and SmartUpdate to upgrade to NGX.
  • Maintain an NSP, installing, upgrading, and backing up Nokia components.
  • Determine the licensing process for VPN-1 NGX.
  • Configure VRRP and SVRRP.

Exercises: (21 topics)

  • Integrate an NSP into an existing network.
  • Configure an NSP using Nokia Network Voyager.
  • Monitor and report statistical information regarding the status of an NSP.
  • Enable SSH and configure SSH options.
  • Configure SSL/TLS communication using Voyager.
  • Configure an NGX Security Gateway for a distributed environment.
  • Implement a distributed installation of VPN-1 NGX.
  • Launch Check Point's SmartDashboard and verify Internal Certificate Authority configuration.
  • Use SmartDashboard to define network objects and groups.
  • Set up anti-spoofing parameters on an NGX gateway object.
  • Use Check Point's SmartMap to convert the logical layout of an organization into a graphical schematic.
  • Configure an NGX Rule Base for proper network functionality, based on specific requirements.
  • Use NGX object cloning to create cloned objects.
  • Use Database Revision Control to save an NGX Security Policy into several versions.
  • Use Check Point's SmartView Monitor to block a malicious user's network activities.
  • Enforce the Suspicious Activity Rule (SAM Rule) with SmartView Monitor.
  • Identify changes in NGX system status, using SmartView Monitor.
  • Configure Check Point's SmartDefense to detect port scans and multiple connection attempts.
  • Enable Hide and Static NAT on a network.
  • Demonstrate the math and mechanics that go into encrypted communication.
  • Create an NGX user template to add users.


Persons attending this course should have a working knowledge of internetworking concepts and an understanding of TCP/IP, network addressing and subnet masks. They should also have knowledge of basic router concepts as they relate to Layer 3 of the OSI model, including RIPv1 and v2, and static routes. Basic knowledge of networking concepts and topologies, and an understanding of the OSI model is required.

Additional Learning

The courses below may help you meet the knowledge level required to take this course.

Course PDF