In this course, you will learn how to:

• Configure and manage the essential features of Palo Alto Networks next-generation firewalls
• Configure and manage security and NAT policies to enable approved traffic to and from zones
• Configure and manage threat prevention strategies to block traffic from known and unknown IP addresses, domains, and URLs
• Monitor network traffic using the interactive web interface and firewall reports

Module 1 – Platform and architecture

• Describe the three pillars of the Palo Alto Networks portfolio
• Define the single-pass architecture
• Define Zero Trust Concept
• Describe the physical and virtual firewall models available from Palo Alto Networks

Module 2 – Initial configuration

• Identify available firewall management interfaces and the methods to access them
• Configure firewall management interface network settings and services
• Identify the purpose and location of the firewall licenses and how to manage licenses
• Identify how to update the PAN-OS® software

Module 3 – Managing firewall configurations

• Describe the purpose of the running and candidate firewall configurations
• Manage firewall configuration
• View and filter firewall logs, with focus on system and configuration logs because they are updated when managing firewall configurations

Module 4 – Managing firewall administrator accounts

• Describe the firewall authentication and authorization process and firewall components
• Create a local firewall administrator account
• Create a non-local firewall administrator account
• Create a firewall account that supports non-interactive login

Module 5 – Connecting the firewall

• Describe firewall network segmentation components used to block threats
• Configure firewall security zones to implement network segmentation
• Configure tap interfaces to collect network traffic for later analysis
• Configure virtual wire interfaces to control network traffic traversing between two firewall interfaces
• Configure Layer 3 interfaces to control network traffic traversing Layer 3 networks
• Configure a virtual router to support Layer 3 interfaces

Module 6 – Security policies

• Describe security policy concepts and operation
• Configure a security policy rule
• Manage a security policy
• Create and use tags and custom services in a security policy

Module 7 – NAT Policies

• Configure a NAT policy to implement source NAT
• Configure a NAT policy to implement destination NAT

Module 8 – App ID

• Identify how App-ID reduces the attack surface
• Describe App-ID concepts and operation
• Configure App-ID-based policy rules
• Update App-ID application database

Module 9 – Security Profiles

• Describe the seven different security profile types
• Define the two predefined vulnerability protection profiles
• Configure security profiles to prevent virus and spyware infiltration
• Configure file blocking profiles to identify and control the flow of file types through the firewall
• Configure a DoS protection profile to help mitigate Layer 3 and 4 protocol-based attacks

Module 10 – URL Filtering

• Configure the firewall to block traffic from known-malicious IP addresses
• Configure the firewall to block traffic from known-malicious domains
• Configure the firewall to block traffic from known-malicious URLs
• Describe other URL filtering operations and options

Module 11 – Wildfire

• Describe WildFire purposes and operation
• Describe WildFire license and deployment choices
• Configure and update WildFire
• View WildFire reports and logs

Module 12 – User-ID

• Identify the purpose and four main components of User-ID
• Identify available IP-to-username mapping methods
• Configure the PAN-OS® integrated agent to connect to monitored servers
• Configure username-to-group name mapping
• Implement User-ID in Security policy

Module 13 – Encrypted traffic

• Review fundamental SSL concepts and operation
• Create and manage certificates using the web interface
• Configure SSL/TLS forward proxy decryption
• Configure SSL/TLS inbound inspection decryption
• Prevent decryption for specific traffic
• View information and troubleshoot SSL/TLS issues using the CLI and logs
• Identify decryption configuration considerations
• Configure SSH decryption
• List other available decryption methods

Module 14 – Logging and reporting

• Monitor threat and traffic information using the Dashboard and the ACC
• Monitor threat and traffic information using the logs
• Monitor threat and traffic information using App Scope reports
• Monitor threat and traffic information using predefined and custom reports
• Configure firewall log forwarding to external services