During this four day training course, you will learn how to install, configure, administer, and support Stonesoft NGFW.

Through instruction, demonstrations, and hands-on lab practice exercises, you will learn the requirements and recommendations to successfully deploy Stonesoft NGFW in a variety of network environments. You will develop expertise in creating security rules and policies, managing users and authentication, understanding multi-link technology, configuring VPNs, deep traffic inspection, performing common administration tasks including status monitoring and reporting.

Read more


Working knowledge of Microsoft Windows administration, system administration concepts, a basic understanding of computer security concepts, and a general understanding of Internet services.

Who should attend?

Channel Partners:

  • Consultants, system architects, integrators and planners who help customers with Stonesoft NGFW implementations.

Forcepoint Sales Engineers:

  • Forcepoint personnel who provide pre-sales and post-sales support for Stonesoft NGFW.
Read more

Delegates will learn how to

  • Understand the fundamentals of NGFW
  • Understand different installation methods
  • Understand SMC capabilities
  • Understand FW/VPN roles and clustering
  • Configure routing
  • Configure security policies
  • Understand Multi-Link technology
  • Configure Multi-Link VPNs
  • Manage users and authentication
  • Configure IPsec and SSL VPNs
  • Perform traffic and deep inspection
  • Perform common administration tasks
  • Understand monitoring capabilities
  • Configure reporting
Read more


Day 1
1) Introductions

  • Participant introductions
  • Logistics
  • Course Objectives

2) Next Generation Firewall Engine

  • NGFW History & Background
  • Key Benefits and Differentiators
  • Operating Modes
  • Hardware Platforms and Virtualization
  • Installation Methods
  • Licensing and Add-ons

3) SMC Overview

  • NGFW System Architecture
  • SMC Components / Supported Platforms
  • Management & Log Server Properties
  • WebPortal Server Properties
  • Deployment Options
  • Status View / Configuration View
  • Management Client Tools
  • Local Manager

4) FW/VPN Role and Clustering

  • NGFW FW/VPN Role & Requirements
  • Multi-layer Inspection
  • Single NGFW Overview
  • Clustering Technology
  • Firewall Cluster
  • IPS Serial Clustering
  • Additional Firewall Features
  • NGFW Engine Architecture

5) Routing and Anti-Spoofing

  • Static Routing Configuration
  • Special Routing Conditions
  • Policy Routing
  • Dynamic Routing Overview

6) Security Policies

  • Policy Types
  • Packet Processing Flow
  • Firewall Templates and Policy
  • Structure
  • Firewall Policy
  • Policy Tools & Rule Options
  • NAT Definition
  • Address Translation Options
  • Proxy ARP and NAT

Day 2
7) Log Data Management

  • Purpose of Logs
  • Log Entry Types
  • Logging Generation
  • Log Data Pruning
  • Logs View
  • Visualizing Logs
  • Filters
  • Third Party Logs

8) Multi-Link Technology

  • Outbound Traffic Management
  • Link Selection Methods
  • Outbound Multi-Link Configuration
  • Server Pools
  • Multi-Link for Inbound Traffic
  • Configuring Server Pools and
  • Inbound Multi-Link

9) Multi-Link VPN

  • Overview of VPNs
  • VPN Topologies
  • VPN High Availability
  • Policy-Based VPN Configuration
  • VPN Tools
  • Route-Based VPN

10) Users and Authentication

  • Managing Users
  • Directory Servers
  • Supported Authentication Methods
  • User Authentication Process
  • Browser Based Authentication

Day 3
11) IPsec VPN Client

  • Mobile VPN Connections
  • IPsec VPN vs SSL VPN Tunneling
  • VPN Client Configuration - Gateway Side
  • VPN Client Configuration - Client Side
  • Troubleshooting Tools


  • Client Based and Clientless Access
  • SSL VPN Portal Overview
  • SSL VPN Services
  • Routing Methods
  • SSL VPN Portal Configuration

13) Traffic Inspection in Access Rules

  • Traffic Inspection
  • Protocol Agents
  • Applications
  • Web Filtering
  • Anti-Virus
  • Anti-Spam
  • GTI and ATD
  • Deep Inspection
  • TLS Inspection

Day 4
14) Inspection and File Policies

  • Deep Inspection
  • NGFW Policy Templates
  • Predefined Inspection Policies
  • Situation Concepts
  • Inspection Rules Tree
  • Fine-Tuning Inspection
  • Inspection Exception Rules
  • Rule Options
  • Blacklist
  • Packet Inspection Procedure

15) Administration Tasks

  • Role-Based Access Control
  • Alert Process
  • Log Management Tasks
  • Log Forwarding
  • System Upgrades and Backups
  • SMC High Availability
  • Location and Contact Addresses
  • Troubleshooting / Support

16) Monitoring, Statistics and Reports

  • Status Monitoring
  • Overviews
  • Reports
  • Report Designs, Sections, and Items
  • Geolocation Maps
  • Session Monitoring
  • Third-Party Monitoring
Read more

Why choose QA

Dates & Locations

Frequently asked questions

See all of our FAQs

How can I create an account on myQA.com?

There are a number of ways to create an account. If you are a self-funder, simply select the "Create account" option on the login page.

If you have been booked onto a course by your company, you will receive a confirmation email. From this email, select "Sign into myQA" and you will be taken to the "Create account" page. Complete all of the details and select "Create account".

If you have the booking number you can also go here and select the "I have a booking number" option. Enter the booking reference and your surname. If the details match, you will be taken to the "Create account" page from where you can enter your details and confirm your account.

Find more answers to frequently asked questions in our FAQs: Bookings & Cancellations page.

How do QA’s virtual classroom courses work?

Our virtual classroom courses allow you to access award-winning classroom training, without leaving your home or office. Our learning professionals are specially trained on how to interact with remote attendees and our remote labs ensure all participants can take part in hands-on exercises wherever they are.

We use the WebEx video conferencing platform by Cisco. Before you book, check that you meet the WebEx system requirements and run a test meeting (more details in the link below) to ensure the software is compatible with your firewall settings. If it doesn’t work, try adjusting your settings or contact your IT department about permitting the website.

Learn more about our Virtual Classrooms.

How do QA’s online courses work?

QA online courses, also commonly known as distance learning courses or elearning courses, take the form of interactive software designed for individual learning, but you will also have access to full support from our subject-matter experts for the duration of your course. When you book a QA online learning course you will receive immediate access to it through our e-learning platform and you can start to learn straight away, from any compatible device. Access to the online learning platform is valid for one year from the booking date.

All courses are built around case studies and presented in an engaging format, which includes storytelling elements, video, audio and humour. Every case study is supported by sample documents and a collection of Knowledge Nuggets that provide more in-depth detail on the wider processes.

Learn more about QA’s online courses.

When will I receive my joining instructions?

Joining instructions for QA courses are sent two weeks prior to the course start date, or immediately if the booking is confirmed within this timeframe. For course bookings made via QA but delivered by a third-party supplier, joining instructions are sent to attendees prior to the training course, but timescales vary depending on each supplier’s terms. Read more FAQs.

When will I receive my certificate?

Certificates of Achievement are issued at the end the course, either as a hard copy or via email. Read more here.

Contact Us

Please contact us for more information