Palo Alto firewall

PALO ALTO

This course is designed for students who are new to next-generation firewalls. Candidates should have basic understaing on ip addressing, routing and switching technoilogies.

Upon completion of this course, students will be able to:

• Explain the features and advantages of the next-generation firewall architecture over stateful inspection firewalls

Perform the basic & advance configuration of the firewall including:

• Configuring interfaces, security zones, security policies, and content profiles
• Setting up basic operation of User-ID, Content-ID, and App-ID
• Enable SSL decryption and VPNs
• Review logs and write basic reports
• Configure an active-passive high availability (HA) pair

Module 0 – Platform Overview

• Understanding on Hardware architecture of next generation firewall
• Single pass architecture
• Flow logic
• Segregated control plane and data plane
• Fast path

Module 1 – Administration and Management

• Administration and management of firewall using GUI, CLI
• Overview of REST API
• Config Mgmt, PAN-OS, Account Administration

Module2 – Interface Configuration

• Understating on various interface types including Tap, v-waire, layer3, HA
• Security zones overview
• Designing network security with layer2, transparent and layer3 deployment

Module3 – Layer3 configuration

• Overview of layer 3 technologies including Virtual routers , interface management profile and service route configuration
• Policy based forwarding, Static and dynamic routing protocols
• Network address translation
  • Dynamic IP
  • Static IP
• Destination NAT Type
  • Static IP
  • Port forwarding
• NAT Specific traffic flow
• Understating and implementation of NAT policies

Module 4 – Application –ID

• Overview of application APP-ID
• Application-ID traffic flow
• Overview of security policy
• App-id and security policies configuration
• Advance concepts on application and security policies
  • Application dependencies
  • Managing policy behavior
  • Custom application signatures
• Logging and reporting
• Overview of SSL session setup and underrating on PAKI
• how to configure firewall for SSL visibility
• inbound deep packet inspection of SSL traffic – IPS and other signatures for inbound SSL traffic

Module 5 – User-ID

• User-id flow & user based policies
• understating on user-id process
• Enumerate users and group with Active directory and LDAP
• User id agent identification method
• understating on AD security logs, CAS security logs, shared server sessions and WMI queries
• Captive portal overview for guest authentication

Module 6 – Content-ID

• Overview of content-id modules and security profiles
• Understanding on advance deep packet inspection using
  • Anti-virus profiles
  • Anti-spyware profiles
  • Vulnerability scanning profiles
  • URL filtering profiles
  • File blocking profiles
  • Wild fire profiles
• Administration of security profiles
• Zone protection profiles

Module 7 – VPN

• Overview of VPN technologies
  • SSL VPN
  • IPsec VPN
• Understating on policy and route based VPN
• Implementing VPN on PAN oS
• Advance understanding of SSL VPN technology
• Establishing SSL VPN with global protect

Module 8 – High Availability

• Overview of redundant architecture and high availability
• understating on active-active and active-standby HA
• understating and managing split brain condition
• path and link monitoring configuration to handle failover conditions

Module 9 – Troubleshooting

• Overview of troubleshooting methodology on PAN os
• Online tools, working with Palo alto support team
• Troubleshooting with
  • GUI, CLI, logs, packet captures, debug and mint. mode
  • Tools and techniques for troubleshooting for VPN, session issues