Check Point Security Administration (CCSA)

Overview

This course introduces learners to the core concepts, capabilities, and administrative workflows required to configure, manage, and monitor a Check Point Quantum Security Environment. Participants develop practical skills using both the Gaia Portal and the Gaia Command Line Interface while gaining experience with Smart Console and the Check Point three-tier architecture. The course provides hands-on practice with object management, security policies, ordered and inline layers, HTTPS Inspection, Identity Awareness, Application Control and URL Filtering, and Autonomous Threat Prevention. Through guided labs and real-world exercises, learners build confidence in securing, optimising, and maintaining a Quantum deployment.

Prerequisites

Participants should have knowledge of:

• Unix-like and Windows operating systems
• Internet fundamentals
• Networking fundamentals
• Network security principles
• System administration
• TCP/IP networking
  

Target audience

This course is designed for:

• Security administrators
• Security engineers
• Security analysts
• Security consultants
• Security architects

The content also aligns to NIST/NICE work role categories for implementation and operation, and protection and defence.

Objectives

By the end of this course, learners will be able to:

• Describe the Check Point three-tier architecture and its role within a Quantum Security Environment.
• Navigate the Gaia Portal, Gaia Command Line Interface, and core SmartConsole views.
• Create and manage administrator accounts, profiles, and collaborative session controls.
• Configure physical and logical objects within SmartConsole to support policy design.
• Create, modify, and validate security policies aligned to organisational access requirements.
• Implement and test ordered layers and inline layers to improve inspection accuracy.
• Monitor system performance, logs, events, and platform state using SmartConsole and Gaia tools.
• Configure Identity Awareness components and integrate user identity into policy rules.
• Enable and tune HTTPS Inspection for encrypted traffic visibility.
• Implement Application Control and URL Filtering to govern application and web access.
• Enable and validate Autonomous Threat Prevention to elevate overall security posture.

Outline

Introduction to Quantum Security

• Overview of the Check Point three-tier architecture
• Interaction between management, log servers, and gateways
• Navigating core SmartConsole views
• Accessing and reviewing Gaia on management servers, log servers, and gateway clusters

Lab tasks

• Explore Gaia on management, log servers, and gateways
• Connect to SmartConsole
• Navigate gateways and servers, security policies, logs and events, and manage and settings views

Administrator account management

• Purpose of SmartConsole administrator accounts
• Session management and concurrent administration capabilities
• Assigning administrator profiles

Lab tasks

• Create administrator accounts and assign profiles
• Test administrator permissions and session controls
• Manage concurrent sessions and take over another administrator session

Object management

• Purpose and function of SmartConsole objects
• Overview of physical and logical object types
• Using objects to support policy operations

Lab tasks

• View and modify gateway and server objects
• View and modify network objects
• View and modify service objects

Security policy management

• Purpose of security policies
• Core elements of a policy rule
• Features that support efficient configuration and management

Lab tasks

• Verify the security policy
• Modify policy rules
• Install the standard policy
• Test rule outcomes

Policy layers

• Concept and function of ordered policy layers
• How layers affect traffic inspection
• Creating inline layers such as DMZ layer

Lab tasks

• Add an ordered layer
• Configure and deploy ordered layer rules
• Test the ordered layer policy
• Create an inline DMZ layer and test outcomes

Security operations monitoring

• Purpose of monitoring in Check Point environments
• Log server configuration and tuning
• Querying and filtering log data
• Monitoring system states and blade status

Lab tasks

• Configure log management settings
• Enhance rulebase view and logging behaviours
• Review logs and execute targeted searches
• Configure the monitoring blade
• Monitor system status

Identity awareness

• Purpose and function of Identity Awareness
• Core components and identity sources
• Integrating identity into policy

Lab tasks

• Adjust the security policy for identity awareness
• Configure the identity collector
• Define user access roles
• Test identity-based access

HTTPS Inspection

• Purpose of HTTPS Inspection
• Essential components and configuration concepts

Lab tasks

• Enable HTTPS Inspection
• Adjust access control rules
• Deploy the gateway certificate
• Test and analyse policy behaviour with inspection enabled

Application control and URL filtering

• Purpose of application and URL filtering
• Core elements and configuration workflow

Lab tasks

• Adjust the access control policy
• Create and modify application and URL filtering rules
• Test and refine rules

Threat prevention fundamentals

• Purpose of Autonomous Threat Prevention
• Key components of the threat prevention solution

Lab tasks

• Enable Autonomous Threat Prevention
• Test threat prevention outcomes

Exams and assessments
This course prepares learners for Exam 156-215.82. No formal assessment is included within the training delivery. Learners complete structured labs and knowledge checks throughout the course to reinforce understanding and practical competence.

Hands-on learning
The course includes extensive hands-on labs, guided configuration tasks, and real-world scenarios. Learners perform live configurations across Gaia, Smart Console, Identity Awareness, HTTPS Inspection, threat prevention, and policy management. Instructors support learners through troubleshooting and validation of each exercise.