R81.20 Gateway Performance Optimization Course

by Timothy C. Hall

Check Point Instructor and Author of Book "Max Power 2020: Check Point Firewall Performance Optimization"

An Instructor-led, Live 2-day Course

Initial Release date: January 26, 2023 (updated monthly)

Total Course Length: Two 8-hour Days

Instructor: Timothy C. Hall

Course Book Length Including Labs: 300+ pages
Versions Covered: R81.20, R81.10, R81, R80.40

Language: English

Prerequisites: CCSE Certification plus 3 years of managing Check Point firewalls in a production environment OR 5 years of managing Check Point firewalls in a production environment plus SecureXL/CoreXL experience​

Book Now 

(select "North America" to see available course dates)

​​​​​​​This two-day live course (instructed by "Max Power" author & CheckMates Member of the Year 2022 Timothy C. Hall) covers everything you need to know to squeeze every last bit of performance out of your Check Point Security Gateways without compromising security. Through a series of break/fix lab exercises, you will become familiar with gateway optimization strategies, while running speed tests every step of the way to see the dramatic results of your tuning adjustments. By the end of the class what started as an incredibly slow gateway with terrible performance will be a well-oiled machine. In this class you will learn about Network Optimization, CoreXL, SecureXL, Multi-Queue, Access and Threat Prevention policy tuning, handling heavy/elephant flows, and tracking down the cause of that elusive F2F/slowpath traffic. Start getting the most out of your Check Point Security Gateways today!

Course Chapters:

  • R81.20 Performance Introduction & Concepts
  • Network Level Optimization
  • Basic Gaia 3.10/RHEL Optimization
  • ClusterXL Performance Tuning
  • CoreXL & Multi-Queue
  • SecureXL Throughput Acceleration
  • Access Control Policy Tuning
  • Threat Prevention Policy Tuning
  • HTTPS Inspection Optimization
  • Heavy Connections/Elephant Flows & HyperFlow/Pipeline Processing
  • Appendix A – Intermittent/Historical Performance Issues Investigation & Monitoring
  • Appendix B – Maestro/Scalable Platforms Commands

Book Now

(select "North America" to see available course dates)

Course Reviews From Attendees

"Best class I’ve taken. Highly recommend for any technical engineer"​

"This course helped us dive deep into all manners of performance optimization from Layer 1 to 7, including that pesky Layer 8. Class had great content for the new R81.20 optimization features and the labs where engaging and showed real life scenarios and provided actual results in our lab as a function of boosting performance based on our actions. I would recommend this to anyone wanting to master full control over their firewall environment."

​"Tim is an excellent instructor. One of the best. This course is an absolute MUST for any engineer managing Check Point gateways!!"

Frequently Asked Questions for the Gateway Performance Optimization Course

Q: We are not yet running R81.20, how much of the class will be applicable to earlier code versions?

A: About 90% of the class content will be applicable to code versions R81 and R81.10, with about 60% relevance for the R80.40 code.  Features and commands that are specific to R81.20 are clearly noted in the course material.  R80.30 and earlier releases are no longer supported by Check Point and are therefore not included.

Q: How can I register and pay for the class?

A: All registrations for the Gateway Performance Optimization course must be made through Check Point's website here (select North America for available class dates).  Payment can be made using Cyber Learning Credits (CLCs), CO-OP Funds (Check Point Partners Only), or by credit card.  Shadow Peak cannot accept direct bookings for this special class due to the terms of the joint agreement between Check Point and Shadow Peak Inc.

Q: What specific gateway types are covered by the class?

A: The main focus of this course is the R81.20 code running on Check Point appliances (models 2200-28XXX), open hardware/VMWare, and Maestro/Scalable Platforms (whose differences and supplemental asg/global commands are covered in an appendix). Most class material will also apply to Quantum Spark appliances (models 1200-1800); some limited reference links will be provided for Quantum Spark appliances. VSX is not included.  The material presented in this course will mostly apply to CloudGuard gateways as well, since they run more or less the same code as the main gateway appliances.

Q: Who wrote the lecture and lab content for the class?  Does only Timothy C. Hall teach this course?

A: Mr. Hall exclusively created all content including the lab environment & lab exercises for this class.  Shadow Peak Inc is a one-man shop and all its courses are always taught by Timothy C. Hall.

Q: I only see class times that are applicable to the Americas timezones, but I'm located well outside those timezones and the class times in my local timezone will not work for me.  Will there be classes run during regular business hours in my own timezone?  

A: This is not currently available, but will be considered if there is sufficient demand.  If you are interested in attending a class with hours aligned to your local timezone, please email sales 'at' shadowpeak.com to express interest and include your local timezone.  

Q: Are there other Authorized Training Centers (ATCs) in my timezone that currently carry this class?

A: At the moment the Gateway Performance Optimization course is exclusive to ATC Shadow Peak Inc.

Q: What is the format of the labs?

A: The labs are a break/fix approach.  Leveraging his 25+ years of Check Point experience, Mr. Hall has deliberately but subtly impaired numerous elements of the operational lab environment related to performance.  These impairments are based on problems Mr. Hall has seen countless times in the real world.  The first lab conducts a speed test that reveals absolutely terrible performance through the firewall.  As the labs progress and optimizations are performed, attendees can see the tangible performance improvements in their subsequent speed tests, culminating in the final lab exercise with activating and testing the new R81.20 Hyperflow/pipeline feature.

Q: I've read the Max Power 2020 book already, is this course just the Max Power 2020 book content warmed over?

A: No.  While some elements of the original Max Power books are still relevant and included in the class, the last book Max Power 2020 only covered up to code version R80.30, with an addendum made available for R80.40.  This course has been completely updated and major elements revamped for the R81-R81.20 code releases, which have numerous and extensive new performance-related features not covered at all in the Max Power books.

Q: We'd like to schedule a private Gateway Performance Optimization class date just for our organization's attendees.  Can this be accommodated?

A: Yes.  A minimum of 6 attendees is required to schedule a private class date, and the course payment must still be made through Check Point's website.  Please email sales 'at' shadowpeak.com if your organization meets these requirements.

Q: Can I just purchase the course material without actually taking and paying for the full class?

A: No.  While the coursebook content alone is certainly useful, it is most effective when paired with the reader working through the detailed break/fix lab exercises in a live class.

Book Now

(select "North America" to see available course dates)