Palo Alto

24 Mar 2017

The Palo Alto Networks Firewall 8.0 Essentials: Configuration and Management (EDU-210) course is five days of instructor-led training that will enable you to: Configure and manage the essential features of Palo Alto Networks®

Course Objectives

Successful completion of this five-day, instructor-led course will enhance the student’s understanding of how to configure and manage Palo Alto Networks® next-generation firewalls. The student will learn and get hands-on experience configuring, managing, and monitoring a firewall in a lab environment.

Scope

  • Course level: Introductory
  • Course duration: 5 days
  • Course format: Combines lecture and hands-on labs
  • Platform support: Palo Alto Networks® next-generation enterprise firewalls running the PAN-OS® operating system

SESSIONS:

Mod 1: Platforms and Architecture

Mod 2: Initial Configuration

Mod 3: Interface Configuration

Mod 4: Security and NAT Policies

Mod 5: Basic App-ID™

Mod 6: Basic Content-ID™

Mod 7: URL Filtering

Mod 8: Decryption

Mod 9: WildFire™

Mod 10: User-ID™

Mod 11: GlobalProtect™

Mod 12: Site-to-Site VPNs

Mod 13: Monitoring and Reporting

Mod 14: Active/Passive High Availability

Mod 15: What’s Next

06 Nov 2016

Course Objectives

Students will learn how Traps protects against exploits and malware-driven attacks. In hands-on lab exercises, students will install and configure the Endpoint Security Manager (ESM) and Traps endpoint components; build rules; enable and disable process protections; and integrate Traps with Palo Alto Networks WildFire™, which provides prevention and detection of zero-day malware.

Scope

  • Course level: Introductory
  • Course duration: 2 days
  • Course format: Combines instructor-facilitated lecture with hands-on labs
  • Software version: Palo Alto Networks Traps Advanced Endpoint Protection 3.4

Sessions

Mod 1: Traps Overview

  • How sophisticated attacks work today
  • The design approach of Traps
  • Main features of Traps
  • Traps resources

Mod 2: Installing Traps

  • Planning the installation
  • Installing ESM Server and database
  • Installing ESM Console
  • Installing agents
  • Managing content updates
  • Upgrading Traps

Mod 3: Malicious Software Overview

  • Exploitation techniques and their prevention
  • Malware techniques and their prevention

Mod 4: Consoles Overview

  • Introduction to ESM Console
  • Introduction to the Traps Agent Console

Mod 5: Traps Protection Against Exploits

  • Architecture and overview
  • Configuring exploit protection

Mod 6: Traps Protection Against Malware (including WildFire)

  • Architecture and Overview
  • WildFire
  • Local Analysis
  • Trusted Publishers
  • Malware Restrictions and Malware Protection Modules

Mod 7: Managing Traps

  • System monitoring
  • License administration
  • Important server and agent settings
  • Agent actions

Mod 8: Traps Forensics

  • Forensic information retrieval
  • Responding to prevention events

Mod 9: Basic Traps Troubleshooting

  • Troubleshooting Resources
  • Working with Technical Support
  • Troubleshooting scenarios

06 Nov 2016

Course Objectives

Students will learn how to design, build, implement, and optimize large scale Traps deployments: those with multiple servers and/or thousands of endpoints. In hands-on lab exercises, students will distribute Traps endpoint software in an automated way; prepare master images for VDI deployment; build multi-ESM deployments; design and implement customized policies; test Traps with exploits created using Metasploit; and examine prevention dumps with windbg.

Scope

  • Course level: Intermediate
  • Course duration: 2 days
  • Course format: Combines instructor-facilitated lecture with hands-on labs
  • Software version: Palo Alto Networks Traps Advanced Endpoint Protection 3.4

Sessions

Mod 1: Deploying Traps

  • Distributing endpoint software
  • TLS/SSL options
  • Virtual Desktop Infrastructure (VDI) deployment
  • External logging and SIEM integration

Mod 2: Scaling Traps Deployments Up

  • Role-based Access Control
  • Deployment patterns, including Multi-ESM Server deployment
  • Migration tasks

Mod 3: Optimizing Traps

  • Optimizing server settings
  • Defining conditions
  • Designing optimized policies
  • Implementing ongoing maintenance

Mod 4: Advanced Traps Forensics

  • Agent queries
  • Resources for malicious software testing
  • Exploit challenge testing with Metasploit
  • Exploit dump analysis with windbg

Mod 5: Advanced Traps Troubleshooting

  • Endpoint Security Manager and Traps architecture
  • Troubleshooting scenarios using dbconfig and cytool
  • Troubleshooting application compatibility
  • Troubleshooting BITS connectivity

06 Nov 2016

Course Objectives

Successful completion of this three-day, instructor-led course will enhance the student’s understanding of how to troubleshoot the full line of Palo Alto Networks next-generation firewalls. Students will receive hands-on experience troubleshooting the security, networking, threat prevention, logging, and reporting features of the Palo Alto Networks PAN-OS® operating system. Upon completion of this class, students will have an in-depth knowledge of how to troubleshoot visibility and control over applications, users, and content.

Scope

  • Course level: Advanced
  • Course duration: 3 days
  • Course format: Combines lecture with hands-on labs
  • Platforms supported: All Palo Alto Networks next-generation firewall models running the PAN-OS® operating system

SESSIONS:

  • Mod 1: Troubleshooting Methodology
  • Mod 2: Platform Comparisons When Troubleshooting
  • Mod 3: Flow Logic
  • Mod 4: Administration Troubleshooting
  • Mod 5: Layer 3 Troubleshooting
  • Mod 6: Policy Troubleshooting
  • Mod 7: User-ID™ Troubleshooting
  • Mod 8: VPN Troubleshooting
  • Mod 9: GlobalProtect™ Troubleshooting
  • Mod 10: Performance Troubleshooting

06 Nov 2016

Course Objectives

The Firewall 7.1: Manage Cyberthreats course is for students who want to understand cyberthreats and their characteristics. Students will learn how to manage cyberthreats using security policies, profiles, and signatures to protect their network against emerging threats.

Scope

  • Course level: Intermediate
  • Course duration: 2 days
  • Course format: Combines lecture with hands-on labs
  • Platform supported: All Palo Alto Networks next-generation firewall models running the PAN-OS® operating system

Sessions:

Mod 1: Threat Landscape

  • Advanced Persistent Threats
  • Data Breaches and Tactics
  • Threat Management Strategies

Mod 2: Integrated Approach to Threat Protection

  • Integrated Approach to Protection
  • Next-Generation Firewall
  • Advanced Endpoint Protection

Mod 3: Network Visibility

  • Zero Trust Model
  • SSL Decryption
  • Decryption Policy

Mod 4: Reducing the Attack Surface

  • App-ID to Reduce Attack Surface
  • Control Advanced Vectors
  • Handling Drive-By Downloads
  • DoS Protection

Mod 5: Handling Known Threats

  • WildFire Analysis
  • Security Profiles

Mod 6: Handling Unknown Traffic and Zero-Day Exploits

  • WildFire
  • Researching Threat Events
  • Identifying Unknown Applications

Mod 7: Investigating Breaches

  • Identify IOCs Using App-Scope
  • Log Correlation
  • Finding Infected Host

Mod 8: Using Custom Signatures

  • Creating Custom App-IDs
  • Threat Signatures

06 Nov 2016

Course Objectives

Students attending this course will gain in-depth knowledge of how to configure and manage their Palo Alto Networks® Panorama® management server. Upon completion of this course, administrators will understand the Panorama™ management server’s role in managing and securing their overall network. Network professionals will learn to use Panorama™ aggregated reporting to provide them with a holistic view of a network of Palo Alto Networks® next-generation firewalls.

Scope

  • Course level: Intermediate
  • Course duration: 2 days
  • Course format: Combines lecture with hands-on labs
  • Platform supported: Panorama 8.0 running in a VM or on an M-100 or M-500 appliance

Sessions:

Mod 1: Overview

  • Panorama Solution
  • Deployment
  • Design

Mod 2: Initial Configuration

  • Interface Configuration
  • Setup Configurations
  • Device Deployment
  • Configuration Management

Mod 3: Templates

  • Templates Overview
  • Common Organization Strategies
  • Configuring Templates

Mod 4: Device Groups

  • Device Groups
  • Objects
  • Policies
  • Device Group Commit

Mod 5: Administration

  • Admin Roles and Access Control
  • Commit Procedure

Mod 6: Distributed Log Collection

  • Logging
  • Application Command Center
  • App-Scope
  • Correlation Objects
  • Reports

Mod 7: Logging and Reporting

  • Plan a Log Collection Deployment
  • Distributed Data Collection
  • Log Deployment
  • Configure Dedicated Log Collector
  • Managed Collector Groups

Mod 8: Panorama High Availability

  • Panorama High Availability
  • Collector Group Redundancy
  • Export Configuration
  • Disk Installation

20 Oct 2013

Firewall 7.1: Configure Extended Features (EDU-205)

COURSE OBJECTIVES

Successful completion of this two-day, instructor-led course will enhance the student’s understanding of how to configure and manage the entire line of Palo Alto Networks next-generation firewalls.

Students will also be instructed on the basics of implementing and managing GlobalProtect™ and active/active high availability. Students will gain an in-depth knowledge of how to optimize their visibility and control of applications, users, and content.

SCOPE

  • Course level: Introductory
  • Course duration: 2 days
  • Course format: Combines lecture and hands-on labs
  • Platforms supported: All Palo Alto Networks next-generation firewall models running the PAN-OS® operating system

COURSE OUTLINE

Sessions

Mod 1: Advanced Interface Configuration

  • Advanced NAT
  • Policy-Based Forwarding
  • Routing Protocols (OSPF)

Mod 2: App-ID™ – Custom Applications

  • Defining New Application Signatures
  • Application Override

Mod 3: Advanced Content-ID™

  • Custom Threat Signatures
  • Data Filtering
  • DoS Protection
  • Botnet Report

Mod 4: Advanced User-ID™

  • Terminal Server Agent
  • Captive Portal
  • XML API

Mod 5: Quality of Service

  • Configuring Quality of Service

Mod 6: GlobalProtect™

  • Implementation of GlobalProtect
  • Install and Configure Portal, Gateway, and Agents

Mod 7: Monitoring and Reporting

  • Log Forwarding
  • SNMP
  • Reporting

Mod 8: Active/Active High Availability

  • Configuring Active/Active HA

13 Dec 2012

Firewall 7.1: Install, Configure, and Manage (EDU-201)

COURSE OBJECTIVES

Students attending this introductory-level class will gain an in-depth knowledge of how to install, configure, and manage their firewall. They will also learn the configuration steps for the security, networking, threat prevention, logging, and reporting features of the Palo Alto Networks PAN-OS® operating system.

SCOPE

  • Course level: Introductory
  • Course duration: 3 Days
  • Course format: Combines lecture with hands-on labs
  • Platform support: All Palo Alto Networks next-generation firewall models running PAN-OS 5.0.

SESSIONS:

Mod 1: Platforms and Architecture

  • Single-Pass Architecture
  • Flow Logic

Mod 2: Initial Configuration

  • Initial Access to the System
  • Configuration Management
  • Licensing and Software Updates
  • Account Administration

Mod 3: Basic Interface Configuration

  • Security Zones
  • Layer 2, Layer 3, Virtual Wire, and Tap
  • Subinterfaces
  • DHCP
  • Virtual Routers

Mod 4: Security and NAT Policies

  • Security Policy Configuration
  • Policy Administration
  • NAT (source and destination)

Mod 5: Basic App-ID™

  • App-ID Overview
  • Application Groups and Filters

Mod 6: Basic Content-ID™

  • Antivirus
  • Anti-spyware
  • Vulnerability
  • URL Filtering

Mod 7: File Blocking and WildFire™

  • File Blocking
  • WildFire

Mod 8: Decryption

  • Certificate Management
  • Outbound SSL Decryption
  • Inbound SSL Decryption

Mod 9: Basic User-ID™

  • Enumerating Users
  • Mapping Users to IP Addresses
  • User-ID Agent

Mod 10: Site-to-Site VPNs

  • IPSec Tunnels

Mod 11: Management and Reporting

  • Dashboard
  • Basic Logging
  • Basic Reports
  • Panorama

Mod 12: Active/Passive High Availability

  • Configuring Active/Passive HA