The course is delivered through a combination of lectures and hands-on lab exercises, covering the following modules:
Palo Alto Networks Portfolio and Architecture: Overview of the platform and the underlying Single-Pass Parallel Processing (SP3) architecture.
Configuring Initial Firewall Settings: Initial system access, license activation, and basic setup.
Managing Firewall Configurations and Administrator Accounts: Includes configuration management, working with configuration snapshots, and setting up administrator authentication (local, LDAP, RADIUS).
Connecting the Firewall to Production Networks with Security Zones: Implementing network segmentation, virtual routers, and interfaces.
Creating and Managing Security and NAT Policy Rules: Fundamental concepts and configuration for security policies and various NAT types (Source NAT, Destination NAT).
Controlling Application Usage with App-ID: Using the App-ID technology to identify and control applications, including creating custom applications and migrating to application-based policies.
Blocking Known Threats:
Using Security Profiles (Antivirus, Anti-Spyware, Vulnerability Protection).
URL Filtering to block inappropriate web traffic.
Zone Protection and DoS Protection policies to block packet- and protocol-based attacks.
Blocking Unknown Threats with WildFire: Applying WildFire analysis profiles to identify and block malware and zero-day exploits.
Controlling Access to Network Resources with User-ID: Integrating with directory services (like Active Directory) for user and group-based policies.
Using Decryption to Block Threats in Encrypted Traffic: Implementing SSL decryption policies to inspect encrypted traffic.
Locating Valuable Information Using Logs and Reports: Monitoring network traffic and threats via the dashboard, ACC (Application Command Center), and detailed logs.
Supplemental Topics
Depending on the training provider and time constraints, additional topics may be covered as add-on or supplemental materials:
Securing Endpoints with GlobalProtect Remote Access VPN.
Providing Firewall Redundancy with High Availability (HA).
Connecting Remote Sites using IPSec VPNs.
Target Audience and Prerequisites
The course is primarily intended for security engineers, administrators, and analysts. Participants should have a basic familiarity with networking concepts (routing, switching, IP addressing) and fundamental security principles.
