About this Course

Course Code TPFPT_NGFW-ADMIN
Duration 3 Days

During this four day training course, you will learn how to install, configure, administer, and support Stonesoft NGFW.

Through instruction, demonstrations, and hands-on lab practice exercises, you will learn the requirements and recommendations to successfully deploy Stonesoft NGFW in a variety of network environments. You will develop expertise in creating security rules and policies, managing users and authentication, understanding multi-link technology, configuring VPNs, deep traffic inspection, performing common administration tasks including status monitoring and reporting.

Prerequisites

Working knowledge of Microsoft Windows administration, system administration concepts, a basic understanding of computer security concepts, and a general understanding of Internet services.

Who should attend?

Channel Partners:

  • Consultants, system architects, integrators and planners who help customers with Stonesoft NGFW implementations.

Forcepoint Sales Engineers:

  • Forcepoint personnel who provide pre-sales and post-sales support for Stonesoft NGFW.

Delegates will learn how to

  • Understand the fundamentals of NGFW
  • Understand different installation methods
  • Understand SMC capabilities
  • Understand FW/VPN roles and clustering
  • Configure routing
  • Configure security policies
  • Understand Multi-Link technology
  • Configure Multi-Link VPNs
  • Manage users and authentication
  • Configure IPsec and SSL VPNs
  • Perform traffic and deep inspection
  • Perform common administration tasks
  • Understand monitoring capabilities
  • Configure reporting

Outline

Day 1
1) Introductions

  • Participant introductions
  • Logistics
  • Course Objectives

2) Next Generation Firewall Engine

  • NGFW History & Background
  • Key Benefits and Differentiators
  • Operating Modes
  • Hardware Platforms and Virtualization
  • Installation Methods
  • Licensing and Add-ons

3) SMC Overview

  • NGFW System Architecture
  • SMC Components / Supported Platforms
  • Management & Log Server Properties
  • WebPortal Server Properties
  • Deployment Options
  • Status View / Configuration View
  • Management Client Tools
  • Local Manager

4) FW/VPN Role and Clustering

  • NGFW FW/VPN Role & Requirements
  • Multi-layer Inspection
  • Single NGFW Overview
  • Clustering Technology
  • Firewall Cluster
  • IPS Serial Clustering
  • Additional Firewall Features
  • NGFW Engine Architecture

5) Routing and Anti-Spoofing

  • Static Routing Configuration
  • Special Routing Conditions
  • Policy Routing
  • Dynamic Routing Overview

6) Security Policies

  • Policy Types
  • Packet Processing Flow
  • Firewall Templates and Policy
  • Structure
  • Firewall Policy
  • Policy Tools & Rule Options
  • NAT Definition
  • Address Translation Options
  • Proxy ARP and NAT

Day 2
7) Log Data Management

  • Purpose of Logs
  • Log Entry Types
  • Logging Generation
  • Log Data Pruning
  • Logs View
  • Visualizing Logs
  • Filters
  • Third Party Logs

8) Multi-Link Technology

  • Outbound Traffic Management
  • Link Selection Methods
  • Outbound Multi-Link Configuration
  • Server Pools
  • Multi-Link for Inbound Traffic
  • Configuring Server Pools and
  • Inbound Multi-Link

9) Multi-Link VPN

  • Overview of VPNs
  • VPN Topologies
  • VPN High Availability
  • Policy-Based VPN Configuration
  • VPN Tools
  • Route-Based VPN

10) Users and Authentication

  • Managing Users
  • Directory Servers
  • Supported Authentication Methods
  • User Authentication Process
  • Browser Based Authentication

Day 3
11) IPsec VPN Client

  • Mobile VPN Connections
  • IPsec VPN vs SSL VPN Tunneling
  • VPN Client Configuration - Gateway Side
  • VPN Client Configuration - Client Side
  • Troubleshooting Tools

12) SSL VPN

  • Client Based and Clientless Access
  • SSL VPN Portal Overview
  • SSL VPN Services
  • Routing Methods
  • SSL VPN Portal Configuration

13) Traffic Inspection in Access Rules

  • Traffic Inspection
  • Protocol Agents
  • Applications
  • Web Filtering
  • Anti-Virus
  • Anti-Spam
  • GTI and ATD
  • Deep Inspection
  • TLS Inspection

Day 4
14) Inspection and File Policies

  • Deep Inspection
  • NGFW Policy Templates
  • Predefined Inspection Policies
  • Situation Concepts
  • Inspection Rules Tree
  • Fine-Tuning Inspection
  • Inspection Exception Rules
  • Rule Options
  • Blacklist
  • Packet Inspection Procedure

15) Administration Tasks

  • Role-Based Access Control
  • Alert Process
  • Log Management Tasks
  • Log Forwarding
  • System Upgrades and Backups
  • SMC High Availability
  • Location and Contact Addresses
  • Troubleshooting / Support

16) Monitoring, Statistics and Reports

  • Status Monitoring
  • Overviews
  • Reports
  • Report Designs, Sections, and Items
  • Geolocation Maps
  • Session Monitoring
  • Third-Party Monitoring

3 Days

Duration

This is a QA approved partner course

Delivery Method

Delivery method

Classroom

Face-to-face learning in the comfort of our quality nationwide centres, with free refreshments and Wi-Fi.

Trusted, awarded and accredited

Fully accredited to ensure we provide the highest possible standards in learning

All third party trademark rights acknowledged.