Palo Alto Firewall PAN OS V11 - Zero-To-Hero - Part-1

Explore Palo Alto Networks' security portfolio: next-gen firewalls, cloud security with Prisma Cloud, AI-driven threat intelligence, and security automation via Cortex and XSOAR, plus zero-trust and SOC insights.

Survey Palo Alto Networks' product portfolio, including network security, cloud security with Prisma Cloud, and endpoint and security operations tools like Cortex XDR and Cortex XSOAR.

Palo Alto firewalls provide advanced threat protection with machine learning, behavioral analysis, and integrated security features, plus cloud readiness and a strong ecosystem. Compare against Fortinet, Cisco, Check Point, Juniper, Sophos, and SonicWall.

Explore Palo Alto certification path tracks across foundational, network security, cloud security, and security operations, including apprentice and practitioner, aligned with strata, prisma sassy, prisma cloud, and cortex.

Explore PAN-OS 11.x enhancements, including advanced threat prevention with ML and DNS over HTTPS. Also learn about DHCPv6 with prefix delegation, cloud identity engine, and improved IoT and SD-WAN features.

Explore Palo Alto firewall architecture and the SP3 single pass parallel processing design for high throughput and low latency security.

Explore Palo Alto interface modes, including layer 3 routing, layer 2 bridging, virtual wire, tap mode, and subinterfaces, and learn when to deploy each with VLANs and security policies.

Explore the Palo Alto firewall version 11 dashboard, configure and customize widgets, view real-time system performance and security event data, and verify details via CLI.

Configure the Palo Alto firewall management interface via CLI to assign a static IP, set DNS and gateway, and then access the web UI to monitor and manage the device.

Learn how to download and install VMware Workstation Pro 17 on Windows, using the free personal use edition after Broadcom's acquisition, and configure VMnet adapters with the virtual network editor.

Install eve-ng on VMware Workstation using ISO, create a new VM with bridged networking and 8–16 gb ram, then access the GUI at 192.168.1.167 with default credentials.

Download and import the linux tiny core image into eve-ng, create the linux-tiny-6.4 folder, fix permissions, attach a network, boot via vnc, and verify connectivity with ping.

Download pan os images in qcow2 or ovf formats from the customer support portal and import them into eve-ng, then boot and configure the Palo Alto device in a VM.

Add Cisco viral ios images to eve-ng labs by downloading qcow2 files, placing them in vendor-named folders per naming conventions, then upload, set permissions, and boot L2 and L3 devices.

Learn to add a Windows 7 host in EVE-NG by importing a ready-to-use image, copying it to the lab, configuring networking, and testing connectivity.

Configure the Palo Alto firewall with inside and outside interfaces, set default route to the edge router, enable dynamic nat, and create a trust-to-untrust security policy.

Explore how Palo Alto Networks' next-generation firewalls protect networks with app ID, user ID, content ID, and URL filtering, across perimeter security, internal segmentation, data centers, cloud, and remote work.

Learn how IP routing forwards packets across networks with layer 3 devices, builds routing tables for connected, static, and dynamic routes, and selects paths using RIP, OSPF, ISIS, and BGP.

Learn to configure Palo Alto virtual routers inside the firewall, attach interfaces, build routing tables, and enable static and dynamic routes with OSPF, BGP, and PBR for inter-VR routing.

Configure static routing and a default route on the Palo Alto firewall to reach inside router loopbacks and internet via the edge router, using precise next-hop addresses.

Configure RIP v2 on PA firewall to advertise loopback and internal networks using hop count with classless updates, enforce MD5 authentication, and verify routes via policy and monitoring.

Explore ospf theory and a Palo Alto lab, covering open shortest path first, area zero backbone, multi-vendor lsa types, and md5 authentication for fast, scalable convergence.

Configure BGP between the Palo Alto firewall and edge router, advertise the 99/24 network, and verify a successful neighborship, while understanding BGP fundamentals, states, and attributes.

Explore how route redistribution on a Palo Alto firewall shares routes between mixed protocols, such as OSPF, BGP, and static routes, using redistribution profiles and export rules.

Learn how to configure the dhcp server on a Palo Alto firewall, including address pools, lease times, and options. Understand Dora process and the role of udp ports 67/68.

Explore DNS fundamentals and an overview of NTP, including how domain names map to IP addresses through recursive resolvers and root, top-level domain, and authoritative servers, plus common DNS issues.

Learn how network time protocol (NTP) synchronizes clocks across devices via a stratum hierarchy from GPS/atomic clocks to UTC, with client–server roles and multi-server queries.

Configure DNS and NTP on a Palo Alto firewall via the web interface, set primary and secondary DNS, optional proxy, and NTP servers, then commit and verify with a ping.

Master ssl tls basics, including handshake, cipher suites, and certificates, and see how a palo alto firewall uses ssl forward proxy to decrypt and inspect https traffic.

Master Palo Alto firewall security policy basics by configuring trust and untrust zones, intra zone and inter zone rules, default policies, and policy cloning with revert and commit.

Learn how Palo Alto content ID, App ID, and user identification enable real-time, application-level traffic inspection with content ID profiles, enforcing security policies and blocking threats.

Learn how App-ID identifies applications traversing the network to enforce policies based on application rather than ports, using signatures, protocol decoding, and behavioral analysis.

Create application filters in Palo Alto firewall using category, subcategory, risk tags, or characteristics, apply them in security policies and leverage groups, dependencies, and logs to enforce and adjust access.

Explore how application shift occurs in Palo Alto firewalls via app ID, and mitigate it by enabling SSL decryption, using app-ID based policies, and monitoring logs to refine rules.

Learn to create custom applications and configure application overrides in the Palo Alto firewall, manage PAN database updates, and apply signatures, ports, and timeouts to control proprietary traffic.

Discover how Palo Alto app dependencies work, identify and include dependent applications in security policies, and use application groups to manage and enforce related traffic.

Configure the Palo Alto antivirus profile as part of content ID inspection, clone to customize, attach to security policies or groups, and enable SSL decryption for inline threat scanning.

Configure and enforce a Palo Alto anti-spyware profile to detect and block spyware, C2 traffic, and malicious DNS requests using DNS sinkhole, threat signatures, and SSL decryption.

Configure the Palo Alto vulnerability protection profile, part of content ID inspection, to detect and prevent exploits. Set severity levels, actions (block, reset), and logging across security zones.

Configure Palo Alto URL filtering to enforce access by category using a cloud-delivered database, with custom or dynamic categories, applying actions like allow, block, alert, continue, or password-override.

Configure a file blocking profile in the Palo Alto firewall to inspect traffic for malicious or sensitive file types, block them by policy in both directions, and enforce compliance.

Configure data filtering profiles in the Palo Alto firewall to enforce data loss prevention. Detect credit card and social security numbers, apply regex patterns, and block or alert as needed.

Explore packet buffer protection, zone protection profiles, and security profile groups in Palo Alto firewalls; learn how thresholds and offenders drive traffic control to protect resources and simplify policy management.

Configure a DoS protection profile to mitigate DoS and DDoS attacks by limiting TCP, UDP, and ICMP floods and per-second connections, then apply it in a security policy.

Configure wildfire analysis on the Palo Alto firewall to detect zero-day threats by sending suspicious files to cloud or on-prem sandbox, enabling dynamic analysis and automatic signature updates.

Explore Palo Alto firewall licensing types—evolution, perpetual, and subscription—and how they unlock threat prevention, wildfire, and URL filtering. Learn dynamic updates and device software management, including upgrade paths.