PALO ALTO

  • Module 1 – Platform overview
  • Understanding the hardware architecture of the next-generation firewall
  • Single pass architecture
  • Flow logic
  • Segregated control plane and data plane
  • Hardware architecture
  • Fast path

  • Module 2 – Administration and Management
  • Administration and management of the firewall using GUI, CLI
  • Overview of REST API
  • Configuration management, PAN-OS, account administration

  • Module 3 – Interface Configuration
  • Understanding the various interface types including Tap, Virtual Wire, Layer 3, HA
  • Security zones overview
  • Designing network security with Layer 2, transparent and Layer 3 deployment

  • Module 4 – Layer 3 configuration
  • Overview of Layer 3 technologies including virtual routers, interface management profile and service route configuration
  • Policy based forwarding, Static and dynamic routing protocols
  • Network address translation 
  • Dynamic IP/Port
  • Dynamic IP
  • Static IP
  • Destination NAT Type 
  • Static IP
  • Port forwarding
  • NAT Specific traffic flow
  • Understanding and implementation of NAT policies

  • Module 5 – Application-ID
  • Overview of application identification (App-ID)
  • Various components and technologies of the application identification process
  • Application-ID traffic flow
  • Overview of security policy
  • App-ID and security policies configuration
  • Advanced concepts on application and security policies
  • Application dependencies
  • Managing policy behavior
  • Custom application signatures
  • Logging and reporting
  • Overview of SSL session setup and understanding of PKI
  • How to configure the firewall for SSL visibility
  • Inbound deep packet inspection of SSL traffic – IPS and other signatures for inbound SSL traffic

  • Module 6 – User-ID
  • Overview and understanding of User-ID
  • User-ID flow and user-based policies
  • Understanding the User-ID process
  • Enumerate users and groups with Active Directory and LDAP
  • User-ID agent identification method
  • Understanding AD security logs, CAS security logs, shared server sessions and WMI queries
  • Captive portal overview for guest authentication

  • Module 7 – Content-ID
  • Overview of Content-ID modules and security profiles
  • Understanding advanced deep packet inspection using:
  • Anti-virus profiles
  • Anti-spyware profiles
  • Vulnerability scanning profiles
  • URL filtering profiles
  • File blocking profiles
  • WildFire profiles
  • Administration of security profiles
  • Zone protection profiles

  • Module 8 – VPN 
  • Overview of VPN technologies 
  • SSL VPN
  • IPsec VPN
  • Understanding policy-based and route-based VPN
  • Implementing VPN on PAN-OS
  • Advanced understanding of SSL VPN technology
  • GlobalProtect overview
  • Establishing SSL VPN with GlobalProtect

  • Module 9 – High Availability
  • Overview of redundant architecture and high availability
  • Understanding active-active and active-standby HA
  • Understanding and managing the split-brain condition
  • Path and link monitoring configuration to handle failover conditions

  • Module 10 – Advanced persistent threats
  • Overview of advanced persistent threat technology
  • Overview of cyberthreat trends
  • Client side attacks
  • Customized/targeted attacks
  • Socially engineered attacks
  • Understanding attacker motives 
  • Financial crime
  • Cyber Espionage
  • Hacktivism
  • State sponsored
  • Understanding advanced threat tactics 
  • Customized malware
  • Drive-by downloads
  • Watering hole attacks
  • Spear Phishing
  • Zero Day
  • Understanding the modern malware lifecycle and attack stages
  • Overview of Palo Alto WildFire services for targeted and persistent attacks
  • Understanding WildFire architecture
  • Policy configuration on the Palo Alto firewall for the WildFire module

  • Module 11 – Threat Management/Prevention
  • Overview of Kali to launch network and application based attacks
  • Understanding footprinting and reconnaissance using Kali
  • Hacking web applications using SQL injection
  • Understanding Denial of Service attacks
  • Overview of cyber security best practices
  • File blocking best practices – use of Kali to launch attacks
  • URL filtering best practices
  • Vulnerability Protection best practices
  • Traps best practices
  • Understanding how to reduce the attack surface
  • Overview of investigating attacks
  • Indicators of Compromise
  • Logs and Reports
  • Log Correlation