MDM Enterprise Firewall Management

Course MDM Enterprise Firewall Management

Firewalls are at the center of an enterprise's infrastructure and are the only component that can control and monitor activity on the network at all layers. This ability to monitor all levels of activity can be leveraged by staff beyond the firewall team. Access to a Multi-Domain Server (MDS) CheckPoint firewall environment is also required by staff members who do so on an occasional basis, including:

  • Auditors
  • Help Desk
  • 24-7 Security/Network Operations Center
  • Information Risk Management
  • Management
  • Enterprise Network Architects
  • Remote/Temporary/Backup firewall administrative staff

Because access can be infrequent, it is difficult for them to understand and remember how to efficiently and safely gather the information they require to perform their tasks.

This course is designed for individuals that require a general overview of MDM (formerly Provider1) environments. The course will cover:

  • MDS management station
  • SmartGateway
  • SmartCenter
  • Intrusion Prevention System
  • VPN
  • Application Control/URL Filtering
  • Logging
This course has approximately 20+ hands-on labs to perform administration and debugging of these systems.
The biggest difference between this class and formal CCSA/E training is that CCSA/E is designed to help students install and configure firewalls out of the box on Day 1.


How many times have we heard this line? This course is intended as a follow-on to CCSA/E for advanced administration and debugging of your whole network environment (not just the firewalls) from Day 2--after the install--through Day XXXXXX, to prove/disprove a firewall problem. The course has been expanded to show how the firewalls and associated logging can be used as a tool to debug 'beyond the firewall' problems such as network latency, intermittent application errors, application protocol errors, identifying downed components, etc.

NOTE: This course is not designed as a replacement for CCSA, CCSE or CCMSE.

The first two days provide enough background and hands-on debugging to prepare for Day 3, which consists of several rounds of games of 'Break and Detect'. The instructor will implement various 'breaks' in the environment, and all teams in the class will race against the clock to detect the problem. Teams are encouraged to share information to find the problem. If two teams come up with the solution in the allotted time, all the teams are declared winners, with various prizes raffled off after each round.



3 8-hour days

  1. Day One: Environment Overview: TCP/IP, Information Security Basics, Dil In The Life of a Hacker,
  2. Day Two: Basic Firewall Management: SmartGateway/SmartCenter
  3. Day Three: MDM and Enterprise Firewall Detect and Fix
    This is where the fun starts. Teams of students working together to find, detect (and sometimes fix) failed network applications. Debugging starts at the physical layer and ends only when the application is working 100% again. Could be the firewall or could be??????

 for a highly detailed outline.


There are about 20 labs in this course. Students spend most of their in-class time on labs. Labs will be instructor led. Instructor will demonstrate each step and students will repeat on their own lab environments. The goal is to reinforce the course materials through hands-on experience. The important lesson to be learned is that the firewall is not always the problem, and just as important, that the firewall can be used as a tool to diagnose wider enterprise issues.

  1. Mandatory
    1. TCP/IP Networking - IP addressing, routes, ports,
  2. Helpful
    1. Some Provider-1 and SmartGateway experience would be helpful
    2. General knowledge of CheckPoint products
    3. General Unix commands for navigation
  1. 6 - laptops with VMware environments
  2. Powerpoint slides