Duration : 5 Days

After completing this course, students will be able to configure, install, and administer Palo Alto Networks firewall. Students will also learn about: the configuration steps for the networking, security, logging, and reporting features of the PAN-OS, and the configuration steps for VPN & High Availability.

This course is best suited for: security engineers, network engineers, and support staff.

Course Prerequisites

DAY 1

Module 1 – Introduction
Module 2 – Administration & Management
1.Using GUI
2.Using CLI Password Management
3.Certificate Management
4.Log Forwarding
5.PAN-OS & Software Update

Module 3 – Interface Configuration
1.VLAN Objects
2.QoS
3.Virtual Wire
4.Tap
5.Sub interfaces
6.Security Zones

Module 4 – Layer 3 Configurations
1.Advance NAT Features
2.IPv6 Overview
3.Policy Based Forwarding
4.Routing Protocols (OSPF)
5.Interface Management
6.Service Routes
7.DHCP
8.Virtual Routers

DAY 2
Module 5- Security Policy
1.Policy Objects
2.Defining Security Policy
3.DMZ

Module 6- NAT
1.Source and Destination NAT
2.NAT Policy Configuration

Module 7 – App-ID™
1.App-ID Process
2.Security Policy Configuration
3.Policy Administration
4.Defining new Application Signatures
5.Application Override

DAY 3
Module 8 – Content-ID™
1.Antivirus
2.Anti-spyware
3.Vulnerability
4.URL Filtering
5.File Blocking: WildFire™
6.Zone Protection
7.Custom Threat Signatures
8.Data Filtering
9.DoS Protection
10.Botnet Report

Module 9 – Authentication Profiles
1.Setting Up Authentication Profiles
2.Creating a Local User Database
3.Configuring RADIUS Server Settings
4.Configuring LDAP Server Settings
5.Configuring Kerberos Settings

Module 10 – User-ID™
1.User-ID Agent
2.Enumerating Users
3.Mapping Users to IP
4.Captive Portal
5.LDAP Integration
6.Users in Security Policy

DAY 4
Module 11 – Decryption
1.SSL Inbound and Outbound

Module 12 – VPN
1.Virtual Private Networks – Intro
2.VPN Tunnels
3.IPSec and IKE
4.IPSec and IKE Crypto Profiles
5.Setting Up IPSec VPNs
6.Defining IKE Gateways
7.Setting Up IPSec Tunnels
8.Defining IKE Crypto Profiles
9.Defining IPSec Crypto Profiles
10.Viewing IPSec Tunnel Status on the Firewall .

Module 13 – Reports and Logs
1.Logging Configuration
2.Scheduling Log Exports
3.Defining Configuration Log Settings
4.Defining System Log Settings
5.Defining HIP Match Log Settings
6.Defining Alarm Log Settings
7.Managing Log Settings
8.Configuring Syslog Servers
9,Custom Syslog Field Descriptions.

DAY 5
Module 14 – High Availability
1.Configuring Active/Active HA

Module 15 – Panorama (Only Theory)
1.Device Groups & Templates
2.Shared Policy
3.Config Management
4.Reporting and Log Collection

Upon Completion of this Course, you will accomplish following:

1.Use GUI and use CLI. Set Up Authentication Profiles.

2.Create a Local User Database.

3.Configure RADIUS Server Settings.

4.Content-ID Agent.

5.Comprehend Antivirus and anti-spyware.

6.Define IKE Gateways.

7.Set Up IPSec Tunnels.

8.Set Up IPSec VPNs.

9.View IPSec Tunnel Status on the Firewall.

10.Define IPSec Crypto Profiles.

11.Define IKE Crypto Profiles.

12.Log Configuration.

13.Define Alarm Log Settings.

14.Schedule Log Exports.

15.Define Configuration Log Settings.

16.Configure Active/Active HA.

17.Comprehend about Panorama.