Check Point Security Administration (CCSA)

Participants should have knowledge of:

• Unix-like and Windows operating systems
• Internet fundamentals
• Networking fundamentals
• Network security principles
• System administration
• TCP/IP networking
  

Target audience

This course is designed for:

• Security administrators
• Security engineers
• Security analysts
• Security consultants
• Security architects

The content also aligns to NIST/NICE work role categories for implementation and operation, and protection and defence.

By the end of this course, learners will be able to:

• Describe the Check Point three-tier architecture and its role within a Quantum Security Environment.
• Navigate the Gaia Portal, Gaia Command Line Interface, and core SmartConsole views.
• Create and manage administrator accounts, profiles, and collaborative session controls.
• Configure physical and logical objects within SmartConsole to support policy design.
• Create, modify, and validate security policies aligned to organisational access requirements.
• Implement and test ordered layers and inline layers to improve inspection accuracy.
• Monitor system performance, logs, events, and platform state using SmartConsole and Gaia tools.
• Configure Identity Awareness components and integrate user identity into policy rules.
• Enable and tune HTTPS Inspection for encrypted traffic visibility.
• Implement Application Control and URL Filtering to govern application and web access.
• Enable and validate Autonomous Threat Prevention to elevate overall security posture.

Introduction to Quantum Security

• Overview of the Check Point three-tier architecture
• Interaction between management, log servers, and gateways
• Navigating core SmartConsole views
• Accessing and reviewing Gaia on management servers, log servers, and gateway clusters

Lab tasks

• Explore Gaia on management, log servers, and gateways
• Connect to SmartConsole
• Navigate gateways and servers, security policies, logs and events, and manage and settings views

Administrator account management

• Purpose of SmartConsole administrator accounts
• Session management and concurrent administration capabilities
• Assigning administrator profiles

Lab tasks

• Create administrator accounts and assign profiles
• Test administrator permissions and session controls
• Manage concurrent sessions and take over another administrator session

Object management

• Purpose and function of SmartConsole objects
• Overview of physical and logical object types
• Using objects to support policy operations

Lab tasks

• View and modify gateway and server objects
• View and modify network objects
• View and modify service objects

Security policy management

• Purpose of security policies
• Core elements of a policy rule
• Features that support efficient configuration and management

Lab tasks

• Verify the security policy
• Modify policy rules
• Install the standard policy
• Test rule outcomes

Policy layers

• Concept and function of ordered policy layers
• How layers affect traffic inspection
• Creating inline layers such as DMZ layer

Lab tasks

• Add an ordered layer
• Configure and deploy ordered layer rules
• Test the ordered layer policy
• Create an inline DMZ layer and test outcomes

Security operations monitoring

• Purpose of monitoring in Check Point environments
• Log server configuration and tuning
• Querying and filtering log data
• Monitoring system states and blade status

Lab tasks

• Configure log management settings
• Enhance rulebase view and logging behaviours
• Review logs and execute targeted searches
• Configure the monitoring blade
• Monitor system status

Identity awareness

• Purpose and function of Identity Awareness
• Core components and identity sources
• Integrating identity into policy

Lab tasks

• Adjust the security policy for identity awareness
• Configure the identity collector
• Define user access roles
• Test identity-based access

HTTPS Inspection

• Purpose of HTTPS Inspection
• Essential components and configuration concepts

Lab tasks

• Enable HTTPS Inspection
• Adjust access control rules
• Deploy the gateway certificate
• Test and analyse policy behaviour with inspection enabled

Application control and URL filtering

• Purpose of application and URL filtering
• Core elements and configuration workflow

Lab tasks

• Adjust the access control policy
• Create and modify application and URL filtering rules
• Test and refine rules

Threat prevention fundamentals

• Purpose of Autonomous Threat Prevention
• Key components of the threat prevention solution

Lab tasks

• Enable Autonomous Threat Prevention
• Test threat prevention outcomes

Exams and assessments
This course prepares learners for Exam 156-215.82. No formal assessment is included within the training delivery. Learners complete structured labs and knowledge checks throughout the course to reinforce understanding and practical competence.

Hands-on learning
The course includes extensive hands-on labs, guided configuration tasks, and real-world scenarios. Learners perform live configurations across Gaia, Smart Console, Identity Awareness, HTTPS Inspection, threat prevention, and policy management. Instructors support learners through troubleshooting and validation of each exercise.