PALO ALTO

ccna-banner

Module 1– Platform overview
Understanding on Hardware architecture of next generation firewall
Single pass architecture
Flow logic
Segregated control plane and data plane
Hardware architecture
Fast path

Module 2 – Administration and Management
Administration and management of firewall using GUI, CLI,
Overview of REST API
ConfigMgmt, PAN-OS, Account Administration

Module 3 – Interface Configuration
Understating on various interface types including Tap, v-waire, layer3, HA
Security zones overview
Designing network security with layer2, transparent and layer3 deployment

Module 4– layer3 configuration
Overview of layer 3 technologies including Virtual routers , interface management profile and service route configuration
Policy based forwarding, Static and dynamic routing protocols
Network address translation
Dynamic IP/Port
Dynamic IP
Static IP
Destination NAT Type
Static IP
Port forwarding
NAT Specific traffic flow
Understating and implementation of NAT policies

Module 5 – Application –ID
Overview of application APP-ID
Various component & technologies of application identification process
Application-ID traffic flow
Overview of security policy
App-id and security policies configuration
Advance concepts on application and security policies
Application dependencies
Managing policy behavior
Custom application signatures
Logging and reporting
Overview of SSL session setup and underrating on PAKI
how to configure firewall for SSL visibility
inbound deep packet inspection of SSL traffic – IPS and other signatures for inbound SSL traffic

Module 6 – User-ID
Overview and understating on user-id
User-id flow & user based policies
understating on user-id process
Enumerate users and group with Active directory and LDAP
User id agent identification method
understating on AD security logs, CAS security logs, shared server sessions and WMI queries
Captive portal overview for guest authentication

Module 7 – Content-ID
Overview of content-id modules and security profiles
Understanding on advance deep packet inspection using
Anti-virus profiles
Anti-spyware profiles
Vulnerability scanning profiles
Url filtering profiles
File blocking profiles
Wild fire profiles
Administration of security profiles
Zone protection profiles

Module 8 – VPN
Overview of VPN technologies
SSL VPN
IPsec VPN
Understating on policy and route based VPN
Implementing VPN on PAN oS
Advance understanding of SSL VPN technology
Global protect Overview
Establishing SSL VPN with global protect

Module 9 – High Availability
Overview of redundant architecture and high availability
understating on active-active and active-standby HA
understating and managing split brain condition
path and link monitoring configuration to handle failover conditions

Module 10 – Advance persistence threats
Overview of advance persistence threat technology
Overview on Cyberthreat trends
Client side attacks
Customized/target attack
Social engineered attack
Understanding attacker motives
Financial crime
Cyber Espionage
Hacktivism
State sponsored
Understanding advanced threat tactics
Customized malware
Drive-by downloads
Watering hole attacks
Spear Phishing
Zero Day
understating modern malware lifecycle and attack stages
overview of Palo Alto wildfire services for targeted & persistence attacks
understanding wildfire architecture
policy configuration on Palo alto firewall for wild fire module

Module 11 – Threat Management/Prevention
Overview of KALI to Launch Network and application based attacks
Understanding on Foot printing and Reconnaissance using KALI
Hacking web application using SQL injection
Understanding on Denial of Service attacks
Overview of cyber security best practices
File Blocking best practices – Use of Kali to launch attacks
URL filtering best practices
Vulnerability Protection best practices
Traps best practices
Understanding on reducing attack surface
Overview on investigating attacks
Indicators of Compromise
Logs and Reports
Log Correlation

Related links

Other Links

Call Us
011 420 413 99