Check Point Firewall Administration R81.10+: A practical guide to Check Point firewall deployment and administration

Yakovlev, Vladimir

  • 出版商: Packt Publishing
  • 出版日期: 2022-08-29
  • 售價: $2,090
  • 貴賓價: 9.5$1,986
  • 語言: 英文
  • 頁數: 654
  • 裝訂: Quality Paper - also called trade paper
  • ISBN: 180107271X
  • ISBN-13: 9781801072717
  • 海外代購書籍(需單獨結帳)



Improve your organization's security posture by performing routine administration tasks flawlessly

Key Features

- Get a gradual and practical introduction to Check Point firewalls
- Acquire the knowledge and skills necessary for effective firewall administration, maintenance, and troubleshooting
- Create and operate a lab environment with gradually increasing complexity to practice firewalling skills

Book Description

Check Point firewalls are the premiere firewalls, access control, and threat prevention appliances for physical and virtual infrastructures. With Check Point's superior security, administrators can help maintain confidentiality, integrity, and the availability of their resources protected by firewalls and threat prevention devices. This hands-on guide covers everything you need to be fluent in using Check Point firewalls for your operations.

This book familiarizes you with Check Point firewalls and their most common implementation scenarios, showing you how to deploy them from scratch. You will begin by following the deployment and configuration of Check Point products and advance to their administration for an organization. Once you've learned how to plan, prepare, and implement Check Point infrastructure components and grasped the fundamental principles of their operation, you'll be guided through the creation and modification of access control policies of increasing complexity, as well as the inclusion of additional features. To run your routine operations infallibly, you'll also learn how to monitor security logs and dashboards. Generating reports detailing current or historical traffic patterns and security incidents is also covered.

By the end of this book, you'll have gained the knowledge necessary to implement and comfortably operate Check Point firewalls.

What you will learn

- Understand various Check Point implementation scenarios in different infrastructure topologies
- Perform initial installation and configuration tasks using Web UI and the CLI
- Create objects of different categories and types
- Configure different NAT options
- Work with access control policies and rules
- Use identity awareness to create highly granular rules
- Operate high-availability clusters

Who this book is for

Whether you're new to Check Point firewalls or looking to catch up with the latest R81.10++ releases, this book is for you. Although intended for information/cybersecurity professionals with some experience in network or IT infrastructure security, IT professionals looking to shift their career focus to cybersecurity will also find this firewall book useful. Familiarity with Linux and bash scripting is a plus.




- 逐步且實用地介紹 Check Point 防火牆
- 獲得有效的防火牆管理、維護和故障排除所需的知識和技能
- 建立並操作一個逐漸增加複雜性的實驗環境,以練習防火牆技能


Check Point 防火牆是物理和虛擬基礎設施的頂級防火牆、存取控制和威脅防護設備。憑藉 Check Point 卓越的安全性,管理員可以幫助維護受防火牆和威脅防護設備保護的資源的機密性、完整性和可用性。這本實用指南涵蓋了您在使用 Check Point 防火牆進行操作時所需的一切。

本書使您熟悉 Check Point 防火牆及其最常見的實施場景,並向您展示如何從頭開始部署它們。您將首先跟隨 Check Point 產品的部署和配置,然後進一步進行組織的管理。一旦您學會了如何計劃、準備和實施 Check Point 基礎組件,並掌握了其操作的基本原則,您將被引導進行越來越複雜的存取控制策略和規則的創建和修改,以及其他功能的添加。為了無瑕疵地執行日常操作,您還將學習如何監視安全日誌和儀表板。本書還介紹了生成有關當前或歷史流量模式和安全事件的報告。

通過閱讀本書,您將獲得實施和舒適操作 Check Point 防火牆所需的知識。


- 了解不同基礎設施拓撲中的各種 Check Point 實施場景
- 使用 Web UI 和 CLI 執行初始安裝和配置任務
- 創建不同類別和類型的對象
- 配置不同的 NAT 選項
- 使用存取控制策略和規則
- 使用身份感知創建高度細緻的規則
- 操作高可用性集群

本書適合對 Check Point 防火牆尚不熟悉或希望了解最新的 R81.10++ 版本的讀者。雖然本書面向具有一定網絡或 IT 基礎設施安全經驗的信息/網絡安全專業人士,但希望將職業重點轉向網絡安全的 IT 專業人士也會發現這本防火牆書籍很有用。熟悉 Linux 和 bash 腳本編寫是一個加分項目。


Vladimir Yakovlev, CISSP, is an Infrastructure and Security Solutions Architect and CTO at Higher Intelligence LLC., a consulting company. An International Information Systems Security Certification Consortium’s community champion, speaker at international and regional conferences, he has worked with various Check Point products for over 20 years. He’s been awarded Member of the Year and a Contributor of the Year designations by peers and previously held the roles of Sr. V.P. Technology and CISO, responsible for design, implementation, and operation of multiple iterations of secure and resilient infrastructures in financial industry. Vladimir enjoys helping others and could be found in CheckMates, LinkedIn and ISC2 communities.


Vladimir Yakovlev,CISSP,是Higher Intelligence LLC.的基礎架構和安全解決方案架構師兼首席技術官。他是國際信息系統安全認證聯盟的社區代表,也是國際和地區性會議的演講嘉賓。他在過去20年中一直與各種Check Point產品合作。他曾獲得同行的年度會員和年度貢獻者稱號,並曾擔任高級副總裁技術和首席信息安全官的職務,負責金融行業中多個安全和可靠基礎架構的設計、實施和運營。Vladimir樂於助人,您可以在CheckMates、LinkedIn和ISC2社區中找到他。


1. Introduction to Check Point Firewalls and Threat Prevention Products
2. Common Deployment Scenarios and Network Segmentation
3. Building a Check Point Lab Environment – Part 1
4. Building a Check Point Lab Environment – Part 2
5. Gaia OS, the First Time Configuration Wizard, and an Introduction to the Gaia Portal (WebUI)
6. Check Point Gaia Command-Line Interface; Backup and Recovery Methods; CPUSE
7. SmartConsole – Familiarization and Navigation
8. Introduction to Policies, Layers, and Rules
9. Working with Objects – ICA, SIC, Managed, Static, and Variable Objects
10. Working with Network Address Translation
11. Building Your First Policy
12. Configuring Site-to-Site and Remote Access VPNs
13. Introduction to Logging and SmartEvent
14. Working with ClusterXL High Availability
15. Performing Basic Troubleshooting


1. Check Point防火牆和威脅防護產品介紹
2. 常見的部署場景和網絡分割
3. 構建Check Point實驗環境-第一部分
4. 構建Check Point實驗環境-第二部分
5. Gaia操作系統、首次配置嚮導和Gaia Portal(WebUI)介紹
6. Check Point Gaia命令行界面;備份和恢復方法;CPUSE
7. SmartConsole-熟悉和導航
8. 策略、層和規則介紹
9. 使用對象-ICA、SIC、管理、靜態和變量對象
10. 使用網絡地址轉換
11. 構建第一個策略
12. 配置站點到站點和遠程訪問VPN
13. 日誌和SmartEvent介紹
14. 使用ClusterXL高可用性
15. 基本故障排除操作