COURSE REGISTRATION DETAILS


Palo Alto Networks NGFW 8.0x – Installation, Configuration and Administration CourseGo Back

Code: paloalto-ngfw-8-0x
Format: 4 day Instructor-Led Classroom
Tuition (CAD): Contact us for pricing
Where: iON United, Suite 340, 340 12th Ave SW, Calgary, AB
Date/Time: Nov 26, 2019 - Nov 29, 2019
Extra: Lunch will be provided.

Course Overview

Through a combination of lecture and hands on labs this course will provide the participant with the understanding of critical concepts and skills necessary to effectively Install, configure and administer Palo Alto Networks Next Generation Firewalls.

Who can benefit

This course is appropriate for individuals responsible for the deployment and day to day management of Palo Alto Networks Next Generation Firewalls.

Course outline

  • Module 1 – Introduction to the Palo Alto Networks Security Platform
    • Palo Alto Networks Security Platform Components and Interactions
    • General Overview of the Next-Generation Firewall (NGFW)
    • Understanding the NGFW Architecture
    • Introduction to the NGFW Management GUI
  • Module 2 – NGFW Initial Configuration
    • Installation Requirements
    • Deployment Options
    • Registering and Licensing a NGFW Platform
    • Updating PAN-OS
    • Configuring Zones and Interfaces
    • Virtual Routers
  • Module 3 – Understanding Security and NAT Policies
    • Security Policy Concepts
    • Essential Building Blocks of NGFW Security Polices
    • Working with Objects
    • Viewing, Creating and managing rules
    • Understanding Network Address Translation (NAT)
    • Source and Destination NAT
    • Port Address Translation(Port forwarding)
  • Module 4 – App-ID
    • Understanding and Using Application Identification (App-ID)
    • Using Applipedia
    • Using Application Groups & Filters
    • Understanding Content-ID
    • Configuring and Using Content-ID Security Profiles:
      • Vulnerability
      • Anti-Virus
      • Anti-Spyware
      • File-Blocking
  • Module 5 – User-ID
    • User-ID Basics
    • Configuring User-ID
    • Configuring Group Mapping
    • Using User-ID in Policies
  • Module 6 – Content-ID
    • Understanding Content-ID
    • Configuring and Using Security Profiles:
      • Vulnerability
      • Anti-Virus
      • Anti-Spyware
      • File-Blocking
  • Module 7 – URL Filtering with PAN-DB
    • Understanding URL FilteringBasics
    • Creating URL Policies
    • Creating Custom URL Categories
    • Using URL Profiles in Policies
  • Module 8 – Wildfire
    • Wildfire Fundamentals
    • Configuring Wildfire
    • Creating and using Wildfire Profiles
    • Working with Wildfire Submission Reports
  • Module 9 – SSL/TLS Decryption
    • Decryption Fundamentals
    • Managing Certificates
    • Working with Decryption Policies
    • Setting up Forward Proxy Decryption
    • Setting up SSL Inbound Inspection
    • SSL Best Practices
  • Module 10– Site to Site VPNs
    • NGFW Route Based VPN concepts
    • Configuring VPN zones and interfaces
    • Configuring:
      • Zones
      • Tunnel Interfaces
      • Routing
      • IKE Gateways
      • IPSec Tunnels
  • Module 11– Client to Site VPNs
    • Global Protect concepts and deployment considerations
    • Configuring Global Protect:
      • Portals
      • Gateways
      • Agents
  • Module 12– Monitoring & Reporting
    • Overview and Customization of the NGFW Dashboard
    • Working with the Application Control Center (ACC)
    • Palo Alto Networks Logging, Log Types and Configuration Options
    • Using App Scope, Session Browser, and Botnet
    • Using Predefined Reports
    • Working with PDF Reports
    • Managing and Creating Custom Reports
    • Using Report Groups and Email Scheduling

What you need

Students must have a working knowledge of TCP/IP, including routing, switching, and IP addressing. Students also should be familiar with basic security concepts. Experience with other security technologies (Firewalls, IPS, proxy, URL filtering) is a plus. The students will be required to bring any laptop (Windows or Mac) with:

• Chrome Browser (preferred)
• VNC Client
• Putty SSH Client