Course Details
The Firewall 7.1: Installation, Configuration & Management course three-day, instructor-led training that enables students to install, configure, and manage the essential features of Palo Alto Networks next-generation firewalls.
Objectives
- Students attending this introductory-level class will gain an in-depth knowledge of how to install, configure, and manage their firewall.
- They will also learn the configuration steps for the security, networking, threat prevention, logging, and reporting features of the Palo Alto Networks PAN-OS® operating system.
Outline
Module 1: Platforms and Architecture
- Single-Pass Architecture
- Flow Logic
Module 2: Initial Configuration
- Initial Access to the System
- Configuration Management
- Licensing and Software Updates
- Account Administration
Module 3: Basic Interface Configuration
- Security Zones
- Layer 2, Layer 3, Virtual Wire, and Tap
- Subinterfaces
- DHCP
- Virtual Routers
Module 4: Security and NAT Policies
- Security Policy Configuration
- Policy Administration
- NAT (source and destination)
Module 5: Basic App-ID™
- App-ID Overview
- Application Groups and Filters
Module 6: Basic Content-ID™
- Antivirus
- Anti-spyware
- Vulnerability
- URL Filtering
Module 7: File Blocking and WildFire™
- File Blocking
- WildFire
Module 8: Decryption
- Certificate Management
- Outbound SSL Decryption
- Inbound SSL Decryption
Module 9: Basic User-ID™
- Enumerating Users
- Mapping Users to IP Addresses
- User-ID Agent
Module 10: Site-to-Site VPNs
- IPSec Tunnels
Module 11: Management and Reporting
- Dashboard
- Basic Logging
- Basic Reports
- Panorama
Module 12: Active/Passive High Availability
- Configuring Active/Passive HA
Target Audience
- Security Engineers
- Network Engineers
- Support Staff
Prerequisites
Before attending the Firewall 7.1: Installation, Configuration & Management course:
- Students must have a basic familiarity with networking concepts including routing, switching, and IP addressing.
- Students should also be familiar with basic port-based security concepts. Experience with other security technologies (IPS, proxy, and content filtering) is a plus.