palo alto training Course Content
Platform Overview
- Understanding on Hardware architecture of next generation firewall
- Single pass architecture
- Flow logic
- Segregated control plane & data plane
- Fast path
Administration & Management
- Administration & management of firewall using GUI, CLI
- Overview of REST API
- Config Mgmt, PAN-OS, Account Administration
Interface Configuration
- Understating on various interface types including Tap, v-waire, layer3, HA
- Security zones overview
- Designing network security with layer2, transparent & layer3 deployment
Layer3 configuration
- Overview of layer 3 technologies including Virtual routers , interface management profile & service route configuration
- Policy based forwarding, Static & dynamic routing protocols
- Network address translation
- Dynamic IP
- Static IP
- Destination NAT Type
- Static IP
- Port forwarding
- NAT Specific traffic flow
- Understating & implementation of NAT policies
Application –ID
- Overview of application APP-ID
- Application-ID traffic flow
- Overview of security policy
- App-id & security policies configuration
- Advance concepts on application & security policies
- Application dependencies
- Managing policy behavior
- Custom application signatures
- Logging & reporting
- Overview of SSL session setup & underrating on PAKI
- how to configure firewall for SSL visibility
- inbound deep packet inspection of SSL traffic – IPS & other signatures for inbound SSL traffic
User-ID
- User-id flow & user based policies
- understating on user-id process
- Enumerate users & group with Active directory & LDAP
- User id agent identification method
- understating on AD security logs, CAS security logs, shared server sessions & WMI queries
- Captive portal overview for guest authentication
Content-ID
- Overview of content-id modules & security profiles
- Understanding on advance deep packet inspection using
- Anti-virus profiles
- Anti-spyware profiles
- Vulnerability scanning profiles
- URL filtering profiles
- File blocking profiles
- Wild fire profiles
- Administration of security profiles
- Zone protection profiles
VPN
- Overview of VPN technologies
- SSL VPN
- IPsec VPN
- Understating on policy & route based VPN
- Implementing VPN on PAN oS
- Advance understanding of SSL VPN technology
- Establishing SSL VPN with global protect
High Availability
- Overview of redundant architecture & high availability
- understating on active-active and active-standby HA
- understating & managing split brain condition
- path & link monitoring configuration to handle failover conditions
Troubleshooting
- Overview of troubleshooting methodology on PAN os
- Online tools, working with Palo alto support team
- Troubleshooting with
- GUI, CLI, logs, packet captures, debug & mint. mode
- Tools and techniques for troubleshooting for VPN, session issues