• Describe the fundamentals of the NGFW solution.
• Plan and execute the deployment of a NGFW engine and Security Management Center.
• Configure the routing for a NGFW deployment.
• Configure security policies and access control.
• Configure the system for a distributed environment using NAT, locations, and contact addresses.
• Deploy and configure a firewall cluster.
• Review an example of the deployment and configuration of an MSSP architecture.
• Configure and utilize multiple internet connections.
• Define Multi-Link Policy-based VPNs.
• Integrate with Active Directory to manage users and authentication.
• Create a mobile VPN and deploy a VPN client.
• Perform traffic inspection and recognition of Network Applications.
• Customize and fine-tune Inspection policies.
• Implement file filtering and malware detection.
• Describe the concepts of traffic normalization and the use of situations.
• Configure TLS decryption.
• Define key features and distinctives of the IPS and Layer 2 Firewall roles.
• Integrate the NGFW with Forcepoint cloud solutions.
• Troubleshoot the NGFW engines, clusters, and SMC.

Module 1: System Architecture Overview

• Articulate the NGFW System Architecture.
• Understand how to size a firewall and management environment.
• Understand Management and Log Server high availability.
• Become familiar with upgrading Management Server, Log Server, and engines.
• Articulate the Forcepoint NGFW license model.

Module 2: Firewall/VPN Role and Single Firewall Deployment

• Describe basic network defence strategies.
• Define the capabilities and key features of the NGFW.
• Understand and learn the process of defining and deploy a single firewall.
• Identify additional features of the NGFW.

Module 3: Routing and Anti-spoofing

• Configure static routing.
• Describe additional special routing capabilities of the NGFW.
• Understand route metrics and route monitoring.
• Summarize the origin and function of Anti-spoofing.

Module 4: NGFW Policies

• Describe different NGFW policy types.
• Define NGFW policy templates and policy structure.
• Identify the anatomy of a security policy and the objects used in policies.
• Detail the process of policy installation and activation.

Module 5: Distributed System Configuration

• Describe system communication in a distributed firewall environment.
• Identify locations and contact addresses in distributed systems.
• Describe system communication between management and engines.
• Configure Network Address Translation (NAT).

Module 6: Firewall/VPN Role and Clustering technology

• Describe the firewall clustering architecture and theory.
• Configure a firewall cluster in the SMC (management).
• Employ NGFW interface options.
• Deploy a firewall cluster.

Module 7: MSSP and Virtual Contexts

• Describe the SMC Domain Architecture.
• Detail the function of the Web Portal Server.
• Define Virtual Contexts.
• Relate Master Engines and Virtual Engines.
• Relate clustering and performance.
• Review a configuration and deployment example of an MSSP architecture.

Module 8: Outbound Multi-Link Technology

• Describe Outbound Traffic Management and its capabilities.
• Explain ISP link selection.
• Classify when to use a particular link selection method.
• Configure Outbound Multi-Link.

Module 9: Site-to-Site VPNs

• Define Forcepoint NGFW VPN capabilities.
• Define Forcepoint NGFW VPN terminology.
• Identify supported VPN topologies.
• Relate Multi-Link and VPNs.
• Test VPN-related tools in the SMC.
• Configure a Multi-Link Policy-Based VPN.
• Investigate Route-Based VPNs and when to use them.
• Design VPN Hub configuration.

Module 10: Active Directory Integration

• Define network user management.
• Integrate Active Directory with the SMC (management).
• Categorize the role of NPS, LDAP authentication, RADIUS, and TACAC+ in the authentication process.
• Deploy Forcepoint User Identification.
• Configure and deploy the Endpoint Context Agent.
• Monitor network users.

Module 11: VPN Client

• Describe Mobile VPN connections.
• Distinguish IPSec and SSL VPN tunnelling.
• Configure an NGFW engine for Mobile VPN connections.
• Configure the VPN Client for an endpoint.
• Demonstrate tools for Mobile VPN troubleshooting.

Module 12: Traffic Inspection

• Review connection control and the role of Deep Inspection.
• Differentiate between Services, Protocol Agents, and Proxy Modules.
• Configure a Sidewinder Proxy service.
• Establish Network Application Identification.
• Differentiate Network Applications and Client Applications.

Module 13: Inspection Policies

• Relate firewall and inspection policies.
• Illustrate the anatomy of Inspection Policies.
• Differentiate the predefined Inspection Policy templates.
• Define the concept of Situations.
• Define the function of the Inspection Rules tree.
• Fine-tune inspection policies.
• Analyze the role and function of Inspection Exception rules.
• Analyze the use and function of Blacklisting.

Module 14: Malware Detection and File Filtering

• Explain the process of Malware Detection.
• Illustrate the anatomy of a File Filtering Policy.
• Define the process of using File Reputation services.
• Configure built-in Anti-Malware scanning.
• Describe the role of Advance Malware Detection.

Module 15: NGFW Inspection Techniques

• Define techniques used by the NGFW to identify threats.
• Detail the traffic inspection process.
• Explain the role of Advanced Evasion Techniques and the process of traffic normalization.
• Describe misuse detection with Fingerprints.
• Describe concept of Situations and their role in traffic inspection.
• Analyze Regular Expression syntax.
• Review examples of fingerprints.

Module 16: TLS Inspection

• Articulate the purpose of TLS inspection.
• Describe TLS inspection exceptions.
• Define the process of Server and Client-Side TLS inspection.
• Configure the TLS inspection.

Module 17: NGFW in Layer 2 Roles and Multi-Layer Deployment

• Identify NGFW Operating Roles.
• Define key features of the IPS and Layer 2 Firewall roles.
• Understand the difference between the Firewall and IPS.
• Describe a Layer 2 Policy.
• Configure and deploy a multi-layer NGFW.
• Analyze the role of High Availability in multi-layer deployments.

Module 18: Forcepoint Integration

• Configure integration with Forcepoint Web Security Cloud.
• Detail how to integrate with Forcepoint Advanced Malware Detection.
• Review the Malware Detection process.
• Understand information exchange using Syslog or other SIEM solutions.

Module 19: Troubleshooting

• Detail the NGFW packet inspection process.
• Review the troubleshooting process and learn troubleshooting tips.
• Define the role of sgInfo in troubleshooting.
• Explore how to troubleshooting with logs.
• Understand how to troubleshoot a VPN.
• Analyze the role of monitoring in troubleshooting.
• Troubleshoot the NGFW engine.

• End-user/customers: system administrators, network security administrators, network engineers, IT staff
• Channel partners: consultants, system architects, integrators and planners who help customers with forcepoint NGFW implementations
• Forcepoint: sales engineers, professional services, technical support

• Completion of the Forcepoint NGFW Administrator Course and certification
• General understanding IPv4 networking concepts (TCP/IP, routing, firewall functionalities, VPN, deep packet inspection)
• Basic knowledge of Active Directory/User Directory concepts