Security Gateways
An extensive course on the use of Firewalls including network protection, tools, and best practices to keep your systems safe.
100 hours
100 hours


Hackers use the Web to infiltrate companies’ databases, detect, target, and attack weak spots. These invasive attacks expose our data to numerous threats which potentially jeopardize the entire organization. Modern IT systems need to have the right tools, and IT teams globally are looking for fully trained professionals. Completing our Security Gateways course will prepare any professional for a role in the world of cybersecurity.  
This course dissects firewalls in detail, from the principles and functions of a firewall to the latest services a modern firewall should provide. Clients will learn how to configure firewall rules based on protocol, port, and IP address. Use NAT and understand the use of each blade in Check Point Firewall Software.

The course covers the following topics:


It’s important to improve the accordion’s behaviour

Firewall Concepts
  • Firewalls and Their Evolution
  • Access Control Lists or Stateless Inspection Firewalls
  • Stateful Inspection firewalls
  • The Stateful Inspection Advantage –Passive FTP Example
  • Unified Threat Management
  • Next-generation firewalls
  • Zone based vs. Interface Based Firewalls
  • Introduction to the Check Point Technology
  • Components of the Check Point Solution
  • SmartConsole
  • Supported Authentication Schemes
  • Check Point Password Authentication
  • OS Password Authentication
  • RADIUS Server
  • SecurID Server
  • TACACS Server
  • Check Point Deployment Options – The Architecture
  • Securing the Communication channel – Check Point SIC (Secure Internal Communication)
Working with the Security Policy, Best Practice, Logs & Troubleshooting
  • The Security Policy
  • Creating and Managing Objects
  • Creating a Strong Firewall Security Policy – Rule Base Fundamentals
  • Creating a Secure Firewall Security Policy – Rule Base Best Practices
  • Working with Logs & Monitoring Traffic in a Check Point based environment
  • Tracking Options: Alert, Log, None
  • Catalog of Views and Reports
  • Reports
  • Filters
  • Log Analysis
  • Using the Log View
  • Searching the Logs
  • Creating Custom Queries
  • Selecting Query Fields
  • Query Language Overview
  • Event Details
Introduction to the Command Line Interface CLI & NAT
  • Command Line Interface
  • Commands and Features
  • Clish , expert modes
  • Useful Commands
  • Basic Concepts in Network Address Translation
  • NAT Types
  • Private Networks address spaces
  • Static NAT
  • Hide NAT
  • Choosing the Hide Address in Hide NAT
  • Hide NAT Using Another Interface IP Address
  • Manual NAT
Identity Awareness & VPN
  • Identity Sources
  • How AD Query Works
  • Browser-Based Authentication
  • How Captive Portal Works – Firewall Rule
  • How Transparent Kerberos Authentication Works
  • Site to Site VPN
  • Sample VPN Access Control Rules
  • VPN workflow
  • VPN Communities
  • Topologies
  • Sample Star Deployment
  • Sample VPN Access Control Rules
  • IPsec & IKE
  • IKE Phase I
  • IKE Phase II
  • Diffie Hellman Groups
  • Remote Access VPN
  • VPN Connectivity Modes
  • Office Mode / Visitor Mode
  • Remote Access VPN Workflow
  • Configuring the Security Gateway for a Remote Access Community
  • Mobile Access to the Network
  • Client-Based vs. Clientless
  • Sample Mobile Access Deployment
  • Using the Mobile Access Configuration Wizard
  • Allowing Mobile Connections
Threat Prevention
  • Threat Prevention Components
  • IPS
  • Anti-Bot
  • Anti-Virus
  • Threat Emulation
  • Threat Extraction
  • Threat Prevention Policy
  • Workflow for Creating a Threat Prevention Policy
  • Threat Prevention Policy Layers
  • Action Enforcement in Multiple-Layered Security Policies
  • Examples
  • Threat Prevention Rule Base
  • Parts of the Rules
  • IPS Configuration
  • Anti-Bot Configuration
  • Anti-Virus Configuration
HTTPS Inspection and URL filtering
  • HTTPS Inspection
  • Outbound Connections
  • Inbound Connections
  • Configuring Gateways to inspect HTTPS
  • HTTPS Inspection Policy
  • Sample HTTPS Inspection Rule
  • Monitoring Applications
  • Blocking URL Categories
Don't touch this tab

About CYBERPRO was founded in cooperation with international information security and instruction authorities who bring to Israel world-leading cyber training technologies and a learning experience of the highest standard available today.

The partners include the IITC group which has been training graduates for the high tech industry for over 20 years, and was selected as the training center for the Cisco Company in Israel.

CYBERPRO’s advanced, sought-after training courses in the areas of infrastructures, information security and cyber are world famous. These training courses were developed by some of the best cyber experts in the world, for international security organizations that emphasize the high training capabilities, the professional learning methods and the unique training and practice technologies. Our connection with international groups allows our students to be exposed to unique employment opportunities in Israel and abroad.

The training and learning tracks are all based much hands-on practice and preparation for the industry and profession requirements, so they include technological labs and practice sessions using one of the most advanced simulators in the world.

    • System administrators
    • People with good networking knowledge
    • Basic understanding of networking is an advantage
    • Understanding the firewalls concept
    • Creating rule-based policies for the organization
    • Understanding NAT
    • Configuring site to site VPN
    • Using the firewall for threat prevention
    • Identity awareness in firewalls
    • Other firewall UTM features (URL filtering, web filtering)