Firewall-Palo Alto
Fundamentals of Packet flow with and without Firewall OSI/TCP Model (specifically-Application, Presentation, Session and Transport Layers) Concept of Networking Model and Services Model of Network Concept of Firewalling Services Need of DMZ Network Design with Firewall

Course Outline


Firewall Deployment considerations

  • Device level Vs Interface level Deployments
  • L3 Vs L2 deployments
  • Virtual wire and Tap mode Deployments

Concept of Virtual Router and Virtual Systems


Network Address Translation Concepts

  • Concept of Socket
  • Source NAT
  •      1. Dynamic IP
  •      2. Dynamic IP and Port
  •      3. Static NAT
  • Destination NAT
  •      1. Destination IP
  •      2. Destination IP and Port
  • U-turn NAT

App-ID and SP3 Architecture

  • App-ID and HTTP/2 Inspection
  • Manage Custom or Unknown Applications
  • Manage New and Modified App-IDs
  • Use Application Objects in Policy
  • Safely Enable Applications on Default Ports
  • Applications with Implicit Support
  • Security Policy Rule Optimization
  • Application Level Gateways
  • Disable the SIP Application-level Gateway (ALG)

Policy

  • Policy Types
  • Security Policy
  • Policy Objects
  • Security Profiles(Content ID)
  •      1. Antivirus Profiles
  •      2. Anti-Spyware Profiles
  •      3. Vulnerability Protection Profiles
  •      4. URL Filtering Profiles
  •      5. Data Filtering Profiles
  •      6. File Blocking Profiles
  •      7. WildFire Analysis Profiles
  •      8. DoS Protection Profiles
  •      9. Zone Protection Profiles
  •      10. Security Profile Group

  • Track Rules Within a Rulebase
  • Enforce Policy Rule Description, Tag, and Audit Comment
  • Move or Clone a Policy Rule or Object to a Different Virtual System
  • Use Tags to Group and Visually Distinguish Objects
  • Use an External Dynamic List in Policy
  • Register IP Addresses and Tags Dynamically
  • Monitor Changes in the Virtual Environment
  • CLI Commands for Dynamic IP Addresses and Tags
  • Identify Users Connected through a Proxy Server
  • Policy-Based Forwarding
  • Test Policy Rules

URL Filtering

  • About URL Filtering
  • How URL Filtering Works
  • URL Filtering Vendors
  • URL Filtering Use Cases
  • URL Categories
  • Plan Your URL Filtering Deployment
  • URL Filtering Best Practices
  • Configure URL Filtering
  • Monitor Web Activity
  • Create a Custom URL Category
  • URL Category Exceptions
  • Use an External Dynamic List in a URL Filtering Profile
  • Allow Password Access to Certain Sites
  • Safe Search Enforcement
  • URL Filtering Response Pages
  • Customize the URL Filtering Response Pages
  • Request to Change the Category for a URL
  • Troubleshoot URL Filtering

User-ID

  • User-ID Concepts
  • Enable User-ID
  • Map Users to Groups
  • Map IP Addresses to Users
  • Enable User- and Group-Based Policy
  • Enable Policy for Users with Multiple Accounts
  • Verify the User-ID Configuration
  • Deploy User-ID in a Large-Scale Network
  • Integration of AD/LDAP/Radius/Tacacs+ Servers

High Availability

  • HA Concepts
  • Set Up Active/Passive HA
  • Set Up Active/Active HA

Monitoring


Cryptography

  • Symmetric Cryptography
  •      1. Stream based
  •      2. Block based
  • Asymmetric Cryptography
  • Public Key Infrastructure
  • Root CA and more
  • Data Encryption Services
  • Data Integrity
  • Authentication Methods

VPN

  • Tunnels
  •      1. Concepts
  •      2. Types
  • Site-Site VPN
  • Remote-Access VPN
  •      1. Client Based
  •      2. Clientless
  • IPsec Framework
  •      1. Data Plane – ESP and AH
  •      2. Control Plane – Phase 1 and Phase 2
  • SSL/TLS/DTLS
  •      1. Data Plane -Packet flow
  •      2. Control Plane – Handshaking


img

teachers

2000

img

studests

3000

img

Graduates

1500

img

countries

1000

our gallery

#

 

Sign Up for Newsletter

If you sign up for newsletter you’ll not fail to get our update.

Follow Us: