Palo Alto Firewalls Configuration By Example - PCNSE Prep
- 26 hours on-demand video
- 2 articles
- 15 downloadable resources
- Full lifetime access
- Access on mobile and TV
- Certificate of Completion
Get your team access to 4,000+ top Udemy courses anytime, anywhere.Try Udemy for Business
- Understand Palo Alto Firewalls Deployment Methods
- Understand how to deploy Palo Alto Firewalls in both Azure and AWS
- Understand Palo Alto Firewalls Security Policies
- Understand Palo Alto Firewalls NAT configuration
- Understand Palo Alto Firewalls Network Configuration
- Understand User ID Integration
- Configure user ID integration using User ID Agent
- Configure Captive Portal to authenticate users
- Understand Captive Portal different methods including, redirection, transparent and SSO with examples
- Understand the difference betwen NAT Source, Destination, UTurn
- Understand security zones and traffic processing in PaloAlto Firewalls
- Understand the packet flow through the PaloAlto Firewalls
- Understand Threat Prevention capabilities of the PaloAlto Firewalls
- Understand AntiSpyware, AntiVirus, IPS configuration
- Understand AntiySpyware and DNS Sinkholing
- Configure AntiSpyware, Antivirus and IPS
- Understand PaloAlto firewall AntiSpyware policy using example configuration
- Understand how to configure wildfire
- Understand how to configure Data Leakage Protection
- Configuring SSL Decryption
- Understand SSL Decryption
- Understand SSL decryption using a PaloAlto firewall SSL decryption example
- Understand how to prevent Split Brain situation with firewalls in Active / Passive HA
- PaloAlto Firewalls U-turn NAT configuration example
- Understand the difference between Inbound and Outbound proxy
- Understand the concept of Virtual Routers
- Configuration of BGP and OSPF example
- Configuration of multiple ISP with different failover scenarios
- Configuration of policy based forwarding using different scenarios
- Configure VPN IPSEc L2L tunnel on Paloato Firewall with different scenarios
- Understand the difference between IKEv1 and IKEv2 and how to deploy Palo Alto firewall with IKEv2 and the benefits
- Understand the difference between IKEv1 main mode and aggressive mode with scenarios
- Understand IKE PFS and how to configure it
- UnderstISEand and Configure High Availability Active / Passive
- Understand and Configure High Availability Active / Active with Floating IP Arp load sharing
- Understand Active Active NAT configuration with examples
- Understand and Configure IPv6 on PaloAlto Firewalls
- Understand how to deploy DHCPv6 Relay on PaloAlto firewalls
- Understand and Configure IPv6 on Palo Alto firewalls with examples.
- Understand How to configure IPV6 NPTv6 and NAT64
- Understand how to configure Palo Alto firewall in Azure with example
- Understand Panorama Concepts, device groups, templates, template stacks
- Understand QoS configuration Concepts and how you can configure QoS Marking
- Understand QoS classification and markings
- Understand QoS for IPSEc tunnel, bidirectional QoS enforcement, QoS markings and QoS copy Tos Header
- Understand how to deploy Palo Alto firewall in Google Cloud
- Students needs to be familiar with firewall concepts
- Students needs to understand Networking Fundamentals
- Students need to understand basic networking
PaloAlto firewalls are true Next Generation firewalls built from the ground up to address legacy firewalls issues. It is the first firewall platform to make decisions based on applications not just ports and protocols. The PCNSE exam requires deep understanding of the topics. Exam dumps is not the way to go. You need to practice the concepts and be clear on how to configure this feature rich firewall platform. You need to study the concepts. This class guide you through the configuration of different features and how to practice on AWS and Unetlab. This class covers many topics required for PCNSE7 or PCNSE8 and new topics are added frequently.
This course dives deeper into Palo Alto firewalls policies and network configuration to give the students a clear understanding on several topics. Topics covered include Security Policies configuration, SSL Decryption, Routing configuration, IPsec configuration, IPv6 configuration, High Availability configuration, QoS and other real world
This online class will help in preparing the student for the PCNSE certification by covering topics in the depth that Palo Alto expects the candidates to know.
There are no materials included with this class.
Students are expected to have understanding of network terminology and be familiar with stateful firewall concepts, network address translation and routing protocols.
There are a lot of topics covered, please click on show full curriculum to see the topics covered.
You get a certificate of completion after you complete this class
- This Class is Suited for students who want to get deeper understanding on configuration Palo Alto Firewalls
- This class is for students who want to see PaloAlto firewalls configuration examples
This lecture explains virtual wire deployment and provides a couple of scenario, one with straight virtual wire one interface to another interface and another scenario showing virtual-wires with vlan trunking. It also explains the spanning-tree default behavior of the Palo Alto firewalls in virtual-wire mode and how to change this behavior if so required.
This lecture shows you what software you need to have to setup a test environment so you can practice the different scenarios discussed in the class. It goes over the general steps to setup unetlab (now EVE-NG) to create your own test environment to practice the many scenarios in this class.
This lecture shows the student how to use the Radius server to dynamically assign local admin users from active directory and give them the appropriate rule without creating any local accounts on the firewall. This facilitates managing administrators on firewalls without touching firewall configuration for each newly added administrator.
Demo of how to configure your domain controller to log events pertinent to User Identification. Show how to configure the user ID agent on a server to collect logs and send it to the PaloAlto firewall. Show how to configure the PaloAlto firewall to talk to the User ID agent and get the events relating to user logon.
Configuration Example of Integrated User ID agent in Palo Alto firewall. Demo of how to configure and utilize the integrated User ID agent on the firewall itself to collect user to IP mappings. The Palo Alto firewall has an integrated User ID agent that can be configured to connect directly to Active Directory Servers and gather users logon events and Kerbereos events and extract User and IP address to be utilized by the Palo Alto firewall for security policy decisions.
Demo of how to configure the firewall to integrate with LDAP to get user to group mapping and utilize this information in your security policy. This lecture provide a configuration example of setting the Palo Alto firewall to talk to an LDAP server to get the Active Directory groups.
Demo of how to utilize user to group mapping in your security policy. This lecture goes over configuration example of LDAP on PaloAlto firewalls to map user IDs to Active Directory groups. This allows the Palo Alto firewall to make security policy decisions based on Active Directory group membership.
Demo showing the configuration of the firewall to utilize Captive Portal to get User ID information for users that failed identification using the AD agent.
Demo of how to configure PaloAlto firewalls to utilize the XML API to send user to ip mapping to the firewall, this feature allows to integrate with non supported User ID solution out of the box. This lecture goes over a scenario of configuration example of PaloAlto firewall user ID using XML provided information.
This lecture provide a configuration example of how to send syslog information to the PaloAlto firewall to extract User ID information. This example shows a Cisco ASA sending syslog information for Anyconnect VPN users to get their User ID information. Demo of how to utilize Syslog events to map user to IP addresses, example showing integration with Cisco ASA syslog events. Many companies still use Anyconnect on Cisco ASA; however, this doesn't prevent them from putting the ASA behind the Palo Alto firewall to benefit from Next Generation Features.
Understanding AntiSpyware and DNS sinkholing and demoing configuring those features to protect from spywares on your network.
Lab demonstration of active/passive setup between 2 PaloAlto firewalls, configuring HA1 and HA2, configuring preemption, HA groups and all settings required to enable two PaloAlto firewalls to start synchornizing their configuration and sessions as well as preempt active/passive in case of failover.
Showing the student what happens when HA1 interfaces go down without a backup or heartbeat backup. Showing students synchornization on HA1 as well as the way firewalls perform when they are in active/standby pair. Further, showing the student how to avoid split brain situations.
This lecture demos Link monitoring using Link Groups and explain the purpose of Link Groups. This lecture demos the Path monitoring and explain the purpose of Path monitoring. This lecture shows operational commands for manual HA failover.
Configuration of Arp Load sharing with Active / Active high availability example. In this scenario, a Palo Alto pair of firewalls are configured in Active/active high-availability with a destination NAT that is shared by the two firewalls using arp load sharing.