UTM Technical Resources
5 - 7 years experience • Security
Location:- Woodbury, MN,
· Seller to provide UTM Technical Resources to help with NAC implementation.
o Be current Check Point CCSA and CCSE (Certified on r75 or r77 within the last 2years)
o Be experienced in Firewall sizing and configuration
o Be experience moving OSPF routing from Cisco Core to UTM (Also known as inline)
o Be experience with building and utilizing Check Point Smart Dashboard on Check Point UTMS (Firewall, Anti-Virus, Anti-Bot, IDS/IPS, Advanced Routing (OSPF), Identity Awareness, and Application Control.
o 5Years hands-on troubleshooting (not just creating and deploying firewall rules) with Check Point UTM (GAiA-based) firewalls and be very proficient with:
The patience and understanding necessary to walk/talk someone through a 1st time config for a remote firewall (for firewalls drop shipped to EMEA and APAC)
Upgrading firewalls out of a cardboard box and updating them to a specific revision of code
Application of Check Point HFA and rpm’s
Configuration of the firewall using Check Point WEBui interface
Creating and modification of Check Point configuration files from within Check Point CLI (Expert and Clish shells)
Understanding Dynamic Routing (OSPF) with Check Point’s OS
Understanding of TCPDUmp, fw monitor, and zdebug as troubleshooting tools
Strong understanding how DHCP-Relay and DHCP Server are configured on a firewall.
Understanding of Check Point High Availability using ClusterXL
Understanding of HA Bonded interfaces
Strong understanding of all Check Point SmartConsole applications and their use; creating Security, Network Address Translation, and Application Control rules
Understanding of Check Point licensing; how to configure and deploy
How to determine and initiate an RMA for a defective firewall
o Receive firewalls spec’d for the site from shipping or:
Walk a remote resource through the 1st time config such that connectivity can be possible for further configuration
o Unbox and upgrade the firewall to 3M’s Gold Code (which contains the necessary levels of software and patches required for NAC)
o Configure the firewall specifically for the site based on the logical and switch interconnect drawings from the Access Layer Team
o Document the hardware in 3M on-line Libraries (CIRM, GSM)
o Obtain and properly license the firewalls, burn-in the new hardware, and test.
o Repack, add necessary cables w/instructions for the local eyes/hands, and ship to a domestic site
o Work withother NAC Team and local resources to install, cable, and power-up the hardware
o Game Day Activity: Work with a current 3M Firewall Resource to review and deploy the NAC Security Policy
o Work withother NAC Team and local resources to finish UTM installation (establish routing, fail-over testing, simulated hardware failures)
o Test and Troubleshoot NAC, routing, dhcp, rules as required with other NAC Team Members