Module 0: Introduction
- Prepare to use the virtual training environment.
Module 1: NGFW Overview
- List NGFW benefits and/or differentiators.
- Explain the differences between the operating roles.
- Describe the NGFW engine and appliances.
- Describe at least one of the installation methods.
- Explain the three platforms on which the NGFW can be deployed.
Module 2: SMC Overview
- Describe the Security Management Center and its key features.
- Describe the NGFW system architecture.
- Identify the ports used for communication between SMC components.
- Explain the use of locations and contact addresses.
- Explain the use of SMC Domains.
Module 3: Getting Started with SMC
- Describe the management client and how it works.
- Create system backups.
- Describe SMC high availability options.
- Configure SMC Administrator Access
- Apply configuration to NGFW engines.
- Describe how logs work.
Module 4: NGFW Policies and Templates
- Describe the types of NGFW policies.
- Define firewall policy templates.
- Create a firewall policy hierarchy.
- Describe the benefits of aliases and continue rules.
Module 5: Access Control and NAT
- Explain how traffic is matched in access rules.
- Explain the different types of access rules.
- Describe the actions for processing traffic in access rules.
- Explain the different types of NAT.
- Configure NAT rules.
Module 6: Traffic Inspection.
- Explain the difference between service, service with protocol, and proxy.
- Explain enhanced access control methods.
- Explain different ways to control applications.
- List the detection methods used in the NGFW Inspection.
- Describe AETs and normalization.
- Describe TLS Inspection.
- Configure Snort inspection on the NGFW.
- List the Forcepoint products that integrate with the NGFW.
Module 7: Inspection Policies
- Explain how to send traffic for deep packet inspection.
- Describe Situations and how to use them.
- Define the different type of rules in the inspection policy.
- Tune an inspection policy.
Module 8: Malware Detection and File Filtering Policies
- List the different options for detecting malware.
- Explain how to send traffic for malware detection.
- Configure a file filtering policy.
- Integrate the NGFW with a Data Loss Prevention system
Module 9: Alerting and Notifications
- Explain the alert escalation process in the NGFW system.
- Create an alert policy and alert chain to escalate an alert.
Module 10: Users and Authentication
- Identify supported directory servers and authentication methods.
- Explain the browser-based user authentication mechanism.
- Configure user authentication.
- Differentiate between user authentication and user identification.
- Explain the difference between the Forcepoint FUID and ECA.
- Configure user behavior monitoring
Module 11: Mobile VPN and SSL VPN Portal
- List NGFW Mobile VPN Access options.
- Describe the SSL VPN Portal and the URL Rewrite translation method.
- Configure an SSL VPN Portal.
Module 12: Site-to-Site VPN
- Define the terms used in NGFW VPN Terminology.
- Explain how Site-to-site VPNs work
- Describe Full Mesh, Star and Hub VPN topologies
- List SD-WAN features supported by the NGFW.
- Configure a Policy-Based VPN.
- Describe How a Route-based VPN Works.
Module 13: Using Logs
- Describe the log entry types available in the NGFW.
- Use the interface to interpret and analyze logs.
- Configure and Manage Logs.
- Create permanent filters.
- Analyze how pruning filters affect log data.
- Configure the log server to forward logs to third-party SIEM systems.
- Describe the methods available for managing the space consumed by log data.
Module 14: Monitoring, Statistics, and Reporting
- Describe the benefits of Policy Snapshots.
- Search rules in an NGFW Policy.
- Analyze policy structure and apply tools to optimize the access rules.
Module 15: Policy Tools
- Monitor the system and firewall activity.
- Describe the use of overviews in the SMC user interface.
- Configure and generate reports.
- Monitor third-party components.
Module 16: Troubleshooting
- Explain the troubleshooting process.
- Use the SMC to troubleshoot your systems.
- Explain how to collect diagnostics for Support.
- Resolve common SMC issues.
- Explain how NGFW packet processing works.
Module 17: Single Firewall Installation (classroom only)
- Describe NGFW deployment options.
- List features specific to single firewalls.
- Configure a single firewall in the SMC.
- Configure an NGFW engine for initial contact with the SMC.
- Establish the trust between SMC and a newly installed NGFW engine.
Module 18: What’s new in NGFW
- Identify key features new to the NGFW in version 6.10.
- Locate the documentation needed to implement these features.