This Course Provides an understanding of the basic concepts and skills necessary to configure and deploy Check Point CloudGuard IaaS products in public cloud platforms such as Microsoft Azure, Amazon Web Services (AWS), and Google Cloud Platform.
- Understanding Cloud Fundamentals
- Introducing CloudGuard Protections
- Deploying CloudGuard
- CloudGuard Security Policy
- Automating CloudGuard Protections
- Dome9 Security for IaaS Cloud Infrastructure
- Build secure public Azure and AWS clouds using the
hub and spoke network architecture
- Deploy a Check Point Security Management server
- Configure the CloudGuard service and Security Gateway autoprovisioning operations on the Security Management Server
- Manually deploy a Security Gateway in the South
- Autoprovision Security Gateways in the North hub
and the South hub
- Launch a web server in each spoke network
- Create a Security Policy that allows inbound traffic to the reach the hubs and web servers inside the spoke virtual networks
- Connect the CloudGuard Controller to Azure and AWS clouds and import cloud objects into the Security Policy
- Test web server connectivity
- Test security protections with the Check Me tool
- Explain cloud network functions, service models, and deployment options.
- Identify CloudGuard’s primary components that protect cloud environments and data centres.
- Understand the key elements and basic concepts of the Secure Public Cloud Blueprint.
- Describe the deployment options available for CloudGuard IaaS instances.
- Recall the general troubleshooting resources and the misconfiguration issues that impact CloudGuard deployments.
- Recognise the security policy layers and security object settings used in cloud security configurations.
- Learn how to create an adaptive Security Policy with a cloud-context aware rulebase.
- Understand the process of automating Security Policy enforcement on Security Gateways.
- Recognise the types of cloud automation resources that support adaptive security protections.
- Describe the cloud components and methods that support autoprovisioning CloudGuard instances.
- Describe the Dome9 SaaS protections available for IaaS public cloud infrastructures.
- Understand how to define users, build Security Policy, and configure system logging and alerts.
- Learn how to control network security access within public cloud environments.
- Identify the reports that find non-compliant cloud resources in public cloud accounts.
- Know which tools provide automated remediation to non-compliant cloud resources.
- Understand how to use cloud analytics to improve the visibility of a cloud account
- Prepare for exam #156-315.80 at security status.