Teach on Udemy

Turn what you know into an opportunity and reach millions around the world.

Learn More

Your cart is empty.

Keep shopping

Prisma Access SASE Security: Design and Operation (EDU-318)

Name: Prisma Access SASE Security: Design and Operation (EDU-318)
Rating: 3.7 (620 reviews)

Palo Alto Prisma Access SASE, SSE

Created bySDWan Networks

Last updated 3/2024

English

What you'll learn

Students will have deep dive understanding of Prisma Access SASE Solution
Students will have deep dive knowledge of configuring the Prisma Access SASE Solution
Students will Learn how to use Prisma Access to Secure their Networks and Mobile users
Students will able to take the certification exam from Palo Alto for Prisma Access Designing & Operation.

Course content

9 sections • 85 lectures • 12h 5m total length

Challenges with Traditional Branch Architecture8:48
Challenges with Traditional VPN Architecture12:03
Perimeter Is Everywhere6:06
What is Secure Access Service Edge (SASE)7:33
Learn how SASE enables secure user access to data and applications from anywhere by cloud-native delivery, with identity-based and location-based policies, zero-trust, CASB, DNS security, and SD-WAN.
Prisma Access Overview & Architecture20:31
Prisma Access For Remote Networks5:00
Explore Prisma Access for networks, delivering cloud-based security processing nodes with app id, url filtering, and threat prevention, while enabling direct internet and SaaS access and data center connectivity.
Prisma Access for Users4:59
Prisma Access for users provides vpn with app id, url filtering, dlp, and threat prevention. It enables access to data centers, internet, and saas for unmanaged, agent-based, and pac users.
Benefits of Software As A Service Design Model5:19

Prisma Access Planning & Design13:24
Prisma Access Licensing13:11
Cloud Managed Prisma Access6:14
Panorama Managed Prisma Access3:32
Explore Panorama managed Prisma Access and its single pane for on-prem and cloud deployments, reusing existing policies, device groups, and templates.
Service Infrastructure4:31
Discover the Prisma Access service infrastructure, the cloud foundation that connects mobile users, data centers, and branch offices, and plan subnets, IP addresses, and BGP ASN to prevent routing conflicts.
Service Infrastructure Subnet Planning6:08
Service Infrastructure BGP AS Planning3:06
Service Connections Planning9:05
Remote Networks Planning7:36
Aggregate Bandwidth Model9:39
Mobile User Deployment Planning & Design Considerations - Global Protect9:43
Resiliency & Redundancy Design Considerations-Service Connections11:56
Design resilient service connections by enforcing redundancy at every layer, from Prisma Access with HA and dual compute locations, to dual IPsec tunnels, data center firewalls, and dual internet circuits.
Resiliency & Redundancy Design Considerations- Remote Networks8:56

Remote Network to Service Connection Traffic Flow4:23
Explain how branch users reach region-specific data centers via Prisma Access, remote security processing node, and service connection, with failover to the other data center when tunnels fail.
Remote Network to Mobile User Traffic Flow3:39
Remote Network to Remote Network Traffic Flow2:11
Mobile User To Remote Network Traffic Flow5:10
Mobile User To Service Connection Traffic Flow4:51
Mobile User To Mobile User Traffic Flow4:12
Service Connection to Service Connection Traffic Flow1:54
Explore how traffic from data center one travels through a Prisma Access service connection to data center two, with routing checks at each hop and sync between data centers.
Routing Modes for Service Connections6:44
Prisma Access Default Routing-Without Backbone Network Connectivity8:48
Prisma Access Default Routing-With Backbone Network Connectivity9:56
Prisma Access Hot Potato Routing18:08
Prisma SD-WAN Overview25:00
Prisma SD-WAN Design Considerations16:09
Prisma SD-WAN ION Devices11:49
High-Availability Design –Remote Office14:40
High-availability Design –Data Center10:21
Data Center Scaling -Design9:38

Prisma Access Zero Trust Network Access (ZTNA) Connector Overview4:33
Explore how the Prisma Access GTN connector enables zero trust network access to private data center apps through automatic tunnels from GT to the GTA connector.
ZTNA Connector Components5:14
ZTNA Connector Use Cases6:50
ZTNA Connector VS Service Connections6:59
Compare the GTN connector and service connection in Prisma Access, highlighting automatic tunnel establishment and location discovery with GTN, overlapped network access, and ten gbps versus one gbps throughput.
ZTNA Connector Supported Hosting Environment2:42
Network Requirements to Enable The ZTNA Connector5:45
How does ZTNA Connectors works – Packet Flow16:14
Enable The ZTNA Connector- Panorama Managed5:04
Configure ZTNA Connector14:47
Deploy ZTNA Connector in VMware ESXi8:14
Upgrade ZTNA Connector2:24

Planning Checklist To Activate Prisma Access – Panorama Managed3:43
Master a planning checklist to activate Prisma Access for Panorama Managed, including activation email/link, cloud service plugin requirements, DNS and NTP configuration, and CSP portal verification.
Activate Prisma Access – Panorama Managed5:31
Integrate the Panorama with Prisma Access6:21
Configure the Service Infrastructure-Panorama Managed14:36
Predefined IPSec Tunnels for Third Party Devices5:06
Explore predefined IPsec tunnels and gateways in Prisma Access for third-party sd-wan devices. Learn how to reuse, customize, or backup these configurations via Panorama Service Connection and remote network templates.
Configure IPSec for Service Connection-Panorama Managed11:05
Configure the Service Connection with Static Routes-Panorama Managed10:00
Configure the Service Connection with BGP-Panorama Managed14:37
Configure a service connection with BGP routing from Panorama to Prisma Access, enable route summarization and no export community, then commit and push to Prisma Access.

Templates & Template Stacks5:47
Device Groups4:47
Explore device groups in SD-WAN networks, Panorama, and Palo Alto firewalls to group policies and objects by data centers, branches, or regions within a hierarchical device group structure.
Device Group Hierarchy6:10
Device Group Policies4:06
Device Group Objects7:01
Understand how device group objects define scope across shared and local groups, how inheritance and duplication determine object precedence in policies.
Predefined Templates & Device Groups3:39
Prisma Access Zones4:07
Explore Prisma Access zones, including trust, untrust, and clientless VPN, and how Prisma Access manages zones and interfaces while customers create security policies mapped to these zones.

Remote Network Templates & Device Groups4:11
Prisma Access Zones Configuration & Mapping5:03
Remote Network Bandwidth Allocation4:02
Allocate bandwidth for remote networks in Prisma Access by selecting the compute location and Mbps, then commit and post the changes to Prisma Access.
Onboarding Remote Networks with Single IPSec Tunnel & Static Routes8:17
Onboarding Remote Networks with Single IPSec Tunnel & BGP9:49
Onboard remote networks with a single ipsec tunnel and bgp in prisma access, configuring the ipsec termination node, predefined templates, and optional backup paths.
Onboarding Remote Networks with Multiple IPSec Tunnels & ECMP with BGP8:53

Mobile Users Templates & Device groups5:55
Learn how to configure mobile user templates and device groups in Prisma Access, manage a parent device group with inherited security policies via Panorama, and commit and push changes.
Mobile Users Zone Creation & Mapping5:17
LDAP Server Profile & Authentication Profile Creation For Mobile Users10:49
Onboard Mobile Users – Global Protect27:00
Verify Mobile Users – Global Protect5:58
GlobalProtect – Split Tunneling6:31
Mobile User GlobalProtect – App Settings13:58
Mobile User GlobalProtect – App Settings- 211:26
Mobile User GlobalProtect – App Settings- 318:45
Mobile Users GlobalProtect – App Upgrades3:45
Learn to upgrade the GlobalProtect app for mobile users in Prisma Access via Panorama, including activation and commit and push of the new version.
Allow GlobalProtect – App Upgrades In Stages9:57

How Explicit Proxy works7:40
Discover how explicit proxy works with Prisma Access: a pac file routes browser traffic to the proxy, where ssl decryption, saml authentication via acs, and policy checks govern access.
Explicit Proxy- Configuration Guidelines12:02
Configure explicit proxy in prisma access with valid licenses and ssl decryption for https traffic. Enforce tls 1.3, note http/2 downgrades, and plan for pac file, idp reachability, saml authentication.
PAC File Guidelines8:43
Configure Azure AD SAML Profile & Authentication Profile for Explicit Proxy17:39

Requirements

Participants should have a basic knowledge of cloud computing and the public cloud.
Participants must complete the Firewall Essentials: Configuration and Management course (EDU-210).
Panorama: Managing Firewalls at Scale course (EDU-220) or have equivalent experience.
Participants also must have experience with networking concepts, including routing, switching, and IP addressing

Description

The Prisma Access SASE Security: Design and Operation (EDU-318) course describes Panorama Managed Prisma Access Secure Access Service Edge (SASE) and how it helps organizations embrace cloud and mobility by providing network and network security services from the cloud. This course is intended for people in public cloud security and cybersecurity or anyone wanting to learn how to secure remote networks and mobile users by using the Prisma SASE provided by Palo Alto.

Objectives

Successful completion of this course will help enhance your understanding of how to protect better your applications, remote networks, and mobile users using a SASE implementation. You will get hands-on experience configuring, managing, and troubleshooting Prisma Access.

Target Audience

Security Engineers, Security Administrators, Security Operations Specialists, Security Analysts, and Network Engineers.

Prerequisites

Participants should have a basic knowledge of cloud computing and the public cloud. Participants must complete the Firewall Essentials: Configuration and Management course (EDU-210) and the Panorama: Managing Firewalls at Scale course (EDU-220) or have equivalent experience. Participants also must have experience with networking concepts, including routing, switching, and IP addressing.

Course Modules

1. Prisma Access Overview

2- Planning and Design

3- Routing and SD-WAN Design

4- Zero Trust Network Access (ZTNA) Connector

5- Activate and Configure

6- Security Processing Nodes

7- Panorama Operations for Prisma Access

8- Remote Networks

9- Mobile Users

10- Cloud Secure Web Gateway

11- Tune, Optimize, and Troubleshoot

12- Manage Multiple Tenants

13- Insights

14- ADEM

Who this course is for:

Security Engineers
Security Administrators
Security Operations Specialists
Security Analysts
Network Engineers
Network Architects
Security Architects

Prisma Access SASE Security: Design and Operation (EDU-318)

What you'll learn

Explore related topics

Course content

Prisma Access Overview8 lectures • 1hr 10min

Planning & Design13 lectures • 1hr 47min

Routing and SD-WAN Design17 lectures • 2hr 38min

Zero Trust Network Access (ZTNA) Connector11 lectures • 1hr 19min

Activate and Configure8 lectures • 1hr 11min

Panorama Operations for Prisma Access7 lectures • 36min

Remote Networks6 lectures • 40min

Mobile Users11 lectures • 1hr 59min

Cloud Secure Web Gateway4 lectures • 46min

Requirements

Description

Who this course is for: