PaloAlto Firewall course is one of the most widely adopted firewalls worldwide to safeguard and secure Cloud Infrastructures. PaloAlto training is an advanced-level course dealing with Network traffic. It features installing, accessing, managing, troubleshooting, understanding, and differentiating core components of Network Security Operators. PaloAlto course also includes in-detail critical Security concepts of Network and Security Program elements. Successful completion of this course, should enhance the student’s understanding of how to configure and manage Palo Alto Networks Next-Generation Firewalls. The course includes hands-on experience configuring, managing, and monitoring a firewall in a lab environment.
Course Objectives:
In this course, you will learn to:
- Configure and manage the essential features of Palo Alto Networks next-generation firewalls
- Configure and manage Security and NAT policies to enable approved traffic to and from zones
- Configure and manage Threat Prevention strategies to block traffic from known and unknown IP addresses, domains, and URLs
- Monitor network traffic using the interactive web interface and firewall reports
Course content
Core Concepts
- Palo Alto Network Products
- Appropriate Interfaces or Zone Types
- Decryption Deployment Strategies
- Enforce User-ID
- Authentication policy
- Fundamental functions
- Multiple Virtual Systems (multi-vsys)
- Environment
Deploy and Configure Core Components
- Configure Management Profiles
- App-ID Deploy and configure Security Profiles
- Zone protection, packet buffer protection, and DoS protection
- Deployment configuration of a Palo Alto Networks firewall
- Configure authorization, authentication, and device access
- Configure and manage certificates
- Configure routing
- Configure NAT
- Configure site-to-site tunnels
- Configure service routes
- Configure application-based QoS
Deploy and Configure Features and Subscriptions
- Configure App-ID
- Configure Global Protect
- Configure decryption
- Configure User-ID 149
- Configure Wild Fire
- Configure Web Proxy
Deploy and Configure Firewalls using Panorama
- Configure templates and template stacks
- Components configured in a template
- Overriding a template value in a stack
- Configure variables in templates
- Configure device groups
- Device group hierarchies
- Identify what device groups contain
- Manage firewall configurations within Panorama
- Licensing
- Commit recovery feature
Manage and Operate
- Manage and configure log forwarding 181
- Log Monitoring, Create and manage tags, Manage external services
- Palo Alto Networks system
- Single firewall, High availability pairs, Panorama push, Dynamic updates
- Manage HA functions
- Link monitoring, Path monitoring, Failover, HA interfaces, Clustering
Troubleshooting
- Troubleshoot site-to-site tunnels
- Troubleshoot interfaces
- Troubleshoot Decryption
- Troubleshoot routing
- General Troubleshooting
- Troubleshoot resource protections
- Troubleshoot Global Protect
- Troubleshoot policies
- Troubleshoot HA functions
Device Management and Services
- Firewall management interfaces
- Provision local administrators
- Maintain firewall configurations
- Push policy updates to Panorama-managed firewalls
- Schedule and install dynamic updates
- Create and apply security zones to policies
- Identify and configure firewall interfaces
- Maintain and increase the configuration of a virtual/logical router
Manage Objects
- Create and maintain address and address group objects
- How to tag objects
- Difference between address objects
- Static vs dynamic groups
- Configure and maintain application filters and application groups
- Using filters vs groups
- Purpose of application characteristics according to App-ID database
Policy Evaluation and Management
- Application-based Security Policy
- Rule shadowing, Group rules by tag
- Differentiate specific security rule types
- Interzone, Intrazone, Universal
- Security policy match conditions, actions and logging options
- Application filters and groups, Logging options, App-ID, User-ID, Device-ID
- Identify and implement NAT policies
- Destination, Source
- Optimize security policies using appropriate tools
- Policy test match tool, Policy optimizer
Security Traffic
- Compare and contrast different types of security profiles
- Create, modify, add and apply the appropriate security profiles and groups
- Use the information available in the logs
- Enable DNS security to control traffic based on domains
- Create and deploy URL-filtering-based controls
- Differentiate between group mapping and IP-to-user mapping within policies and logs
Maintain Application-Based Policies
- Block Threats Using Custom Applications
- Block Threats by Identifying Users
- Block Threats by Identifying Devices
- Block Unknown Threats
- Block Threats in Encrypted Traffic
- Prevent Use of Stolen Credentials
- Block Threats Using Security Profiles
- View Threat and Traffic Information
To see the full course content Download now
Course Prerequisites
- Students must have a basic familiarity with networking concepts including routing,
- switching, and IP addressing. Students also should be familiar with basic security concepts.
- Experience with other security technologies (IPS, proxy, and content filtering) is a plus.
- Cybersecurity Foundation
Who can attend
This course is ideal for:
- Security Engineers
- Security Administrators
- Security Operations Specialists
- Security Analysts
- Support Staff
Number of Hours: 40hrs
Certification
- Network Security Engineer-PCNSE PAN-OS 10
- Palo Alto Networks Certified Network Security Engineer (PCNSE)
Key features
- One to One Training
- Online Training
- Fastrack & Normal Track
- Resume Modification
- Mock Interviews
- Video Tutorials
- Materials
- Real Time Projects
- Virtual Live Experience
- Preparing for Certification
FAQs
DASVM Technologies offers 300+ IT training courses with 10+ years of Experienced Expert level Trainers.
- One to One Training
- Online Training
- Fastrack & Normal Track
- Resume Modification
- Mock Interviews
- Video Tutorials
- Materials
- Real Time Projects
- Materials
- Preparing for Certification
Call now: +91-99003 49889 and know the exciting offers available for you!
We working and coordinating with the companies exclusively to get placed. We have a placement cell focussing on training and placements in Bangalore. Our placement cell help more than 600+ students per year.
Learn from experts active in their field, not out-of-touch trainers. Leading practitioners who bring current best practices and case studies to sessions that fit into your work schedule. We have a pool of experts and trainers are composed with highly skilled and experienced in supporting you in specific tasks and provide professional support. 24x7 Learning support from mentors and a community of like-minded peers to resolve any conceptual doubts. Our trainers has contributed in the growth of our clients as well as professionals.
All of our highly qualified trainers are industry experts with at least 10-12 years of relevant teaching experience. Each of them has gone through a rigorous selection process which includes profile screening, technical evaluation, and a training demo before they are certified to train for us. We also ensure that only those trainers with a high alumni rating continue to train for us.
No worries. DASVM technologies assure that no one misses single lectures topics. We will reschedule the classes as per your convenience within the stipulated course duration with all such possibilities. If required you can even attend that topic with any other batches.
DASVM Technologies provides many suitable modes of training to the students like:
- Classroom training
- One to One training
- Fast track training
- Live Instructor LED Online training
- Customized training
Yes, the access to the course material will be available for lifetime once you have enrolled into the course.
You will receive DASVM Technologies recognized course completion certification & we will help you to crack global certification with our training.
Yes, DASVM Technologies provides corporate trainings with Course Customization, Learning Analytics, Cloud Labs, Certifications, Real time Projects with 24x7 Support.
Yes, DASVM Technologies provides group discounts for its training programs. Depending on the group size, we offer discounts as per the terms and conditions.
We accept all major kinds of payment options. Cash, Card (Master, Visa, and Maestro, etc), Wallets, Net Banking, Cheques and etc.
DASVM Technologies has a no refund policy. Fees once paid will not be refunded. If the candidate is not able to attend a training batch, he/she is to reschedule for a future batch. Due Date for Balance should be cleared as per date given. If in case trainer got cancelled or unavailable to provide training DASVM will arrange training sessions with other backup trainer.
Your access to the Support Team is for lifetime and will be available 24/7. The team will help you in resolving queries, during and after the course.
Please Contact our course advisor +91-99003 49889. Or you can share your queries through info@dasvmtechnologies.com