how to get hands on

I am a Cisco guy (CCSP) and have never touched Checkpoint my entire career. (just never had a client of ours that used it).

That being said, how easy or hard is it to obtain the necessary software for a home lab? I have pc's with dual nics available.

Also, what do you guys see the most demand for nowadays. CCSA, CCSE or just general Checkpoint knowledge? I have worked exclusively with ASA/Pix's over the years and hope the learning curve is not too high!

Thanks!

Find more posts tagged with

Comments

Turgon

wera711 wrote: »

I am a Cisco guy (CCSP) and have never touched Checkpoint my entire career. (just never had a client of ours that used it).

That being said, how easy or hard is it to obtain the necessary software for a home lab? I have pc's with dual nics available.

Also, what do you guys see the most demand for nowadays. CCSA, CCSE or just general Checkpoint knowledge? I have worked exclusively with ASA/Pix's over the years and hope the learning curve is not too high!

Thanks!

Checkpoint has been all over the place in the shops I worked. Although a Cisco guy I dont get to see many PIX/ASAs so I have the opposite problem to yourself. Either go for a used Nokia on ebay or install an evaluation on a PC with a couple of NICs. With the PDFs on the checkpoint site and a couple of decent books off Amazon you will be good to go. Checkpoint is easy to use *badly*, because of the GUI.

wera711

cool thanks. What nokia model do you recommend? I'm sure the test is based on a certain version of the hardware/software. But are there olders ones that will work for a home lab?

thanks

Turgon

You find a mixture of models out in the field. CP versions I last worked with were R60 upgraded to R65. For Nokias get what you can afford and look out for IPSO used as the base OS. Variation of BSD.

PetterD

One of the problems you might have with CheckPoint installations are licensing (since the license is generated on the ip-address of the SmartCenter).

One way to workaround this in lab is to download and install SecurePlatform and use the included 15 day license, and reinstall every 15 days.

You can install on a supported server (or possibly others aswell) listed on SecurePlatform HCL: Hardware Compatibility List

Or you can install it in a VM.

kmj1268

This is a great discussion thread.
You can register for free at Check Point's site and then get access to download the lastest release which is R70. I just sat up a lab this weekend with SmartCenter on a Windows 7 box as a guest OS and using VM Workstation 7 to install my virtual machine. I then used a Nokia IP 380 with R65 on it. (That's the limitation with the IP380, you cant theoretically go beyond R65.) From there, you can get an eval copy of VMWorkstation 7 and install it on a compatible machine. You can approach it one of three ways. You can have on virtual machine for your Smart Center and/or you can choose another virtual machine as your gateway. This is the easiest route in my opinion, but you will have to have some experience working with virtual machines and how to set it up. You can run everything on one beefy server and have just one interface card in your machine and have the rest of the interfaces to be virtual network adapters. You can then install other VMs for Ubuntu and other OSs to share virtual networks which represent the DMZs. As someone else mentioned you have FULLY working functionality for 15 days, so you will have to re-install everything or set the date back.

Your other option would be to install the management server on your machine and get a used Nokia as was mentioned. I have purchased two IP380s for less than $200 for both. Also a cheaper route would be to grab a Penitum III 300Mhz or greater machine and install SPLAT on it and put a couple of network cards in it. You have some great resources available to prepare for the exam and all the PDFs on Check Point's site are FREE to study for the exam. However, for a more focused approach it would be easier to get the courseware. Each PDF is very lengthy but you will certainly have what you need if you really dived into the PDFs, it's just time consuming.

Hope this helps..
Good luck..
JMK