0845 470 1000 / enquiries@flane.co.uk

Check Point Certified Security Master (CCSM)


Course Overview

This 3 day course is for customers and partners who want to learn the advanced skills to troubleshoot and configure Check Point Security Gateway and Management Software Blades. The goal is to validate a delegate's understanding and skills in subjects such as chain modules, NAT, ClusterXL, VPN, CoreXL, SecureXL, IPS, and IPv6 .

Certification Information:

This course prepares for exam #156-215.77 at which can be found at www.VUE.com/checkpoint This consists of 80 multiple-choice questions with a passing score of 70% in 90 minutes. A valid CCSE is also required.

Who should attend

  • System Administrators
  • Security Engineers
  • Network Engineers
  • CCSEs seeking higher certification



  • CCSE
  • General knowledge of TCP/IP
  • Working knowledge of Windows and UNIX
  • Working knowledge of network technology
  • Working knowledge of the Internet

Course Objectives

Course Objectives and Topics Include:

  • Review the cpview command and its parameters.
  • Navigate the CPView interface.
  • Use fw ctl chain to observe chain modules. Observe how policy changes impact the chain.
  • Use fw monitor to capture packets.
  • Use the fw debug process and debug infrastructures for user mode debugging.
  • Review the Connections table using fw tab.
  • Debug NAT issues using the fw ctl debug command.
  • Perform port forwarding on a gateway.
  • Configure port mapping services.
  • Understand Client Side and Server Side NAT.
  • Configure a proxy ARP for Manual NAT.
  • Use cphaprob to monitor cluster status and troubleshoot state synchronization.
  • Use vpn debug to debug site-to-site VPN.
  • Use ethtool to tune NIC performance.
  • Edit ARP Cache table to improve performance.
  • Use command fw ctl pstat to improve load capacity.
  • Use the fwaccel stat and fwaccel stats outputs to tune the firewall Rule Base.
  • Configure CoreXL for specific CPU task assignment.
  • Use fwaccel and sim to enable and disable accelerated traffic.
  • Debug the FWAccel and SIM modules using the fwaccel dbg and sim dbg commands.
  • Use IPS Bypass to manage performance.
  • Configure IPS to reduce false positives.
  • Deploy IPv6 in a local environment.
  • Perform debug in the MDS and DMS environments using the mdsenv and fw debug commands.
  • Debug the VSX management server using the fw debug command


Classroom Training

Duration 3 days

Price (excl. VAT)
  • United Kingdom: £ 1,795.-
Online Training

Duration 3 days

Price (excl. VAT)
  • United Kingdom: £ 1,795.-