Welcome to Scribd, the world's digital library. Read, publish, and share books and documents. See more
Standard view
Full view
of .
Look up keyword or section
Like this

Table Of Contents

•“About This Guide” in the next section
•“Organization” on page9
About This Guide
Typographical Conventions
Notes and Cautions
Related Documentation
Obtaining More Information
Technical Support
•“About the Firewall” in the next section
About the Firewall
Features and Benefits
About the Management Interfaces
Getting Started
Preparing the Firewall
Setting Up the Firewall
Using the Firewall Interface
Navigating to Configuration Pages
Device Management
About Virtual Systems
Communications Among Virtual Systems
Shared Gateways
Shared gateway
Defining Virtual Systems
Configuring Shared Gateways
About High Availability
Setting Up High Availability
Enabling High Availability on the Firewall
About User Identification Agents
•“About Captive Portals” in the next section
•“Configuring the Firewall for User Identification” on page35
About Captive Portals
Configuring the Firewall for User Identification
About the User-ID Agent for Active Directory
Configuring the User-ID Agent
Uninstalling and Upgrading the User-ID Agent
About the User-ID Agent for eDirectory or API
About the Terminal Services Agent
About Administrator Roles, Profiles, and Accounts
Defining Administrator Roles
About Authentication Profiles
Setting Up Authentication Profiles
Configuring RADIUS Server Settings
Configuring LDAP Server Settings
Creating Administrative Accounts
Defining SNMP Trap Destinations
Defining Syslog Servers
Defining Email Notification Settings
Scheduling Log Exports
About System Setup, Configuration, and License Management
•“Defining the Host Name and Network Settings” in the next section
Defining the Host Name and Network Settings
Proxy Server:
Defining Custom Response Pages
Upgrading the PAN-OS Software
Updating Threat and Application Definitions
Importing, Exporting and Generating Security Certificates
Support for Certificate Revocation List and Online Certificate Status Protocol
Viewing Support Information
Network Configuration
About Firewall Deployment
•“About Virtual Wire Deployments” in the next section
About Virtual Wire Deployments
About Layer 2 Deployments
About Layer 3 Deployments
About Tap Mode Deployments
About Point-to-Point Protocol over Ethernet Support
Defining Virtual Wires
About Firewall Interfaces
About Aggregate Interface Groups
Viewing the Current Interfaces
Configuring Layer 2 Interfaces
Configuring Layer 2 Subinterfaces
Configuring Layer 3 Interfaces
Configuring Layer 3 Subinterfaces
Configuring Virtual Wire Interfaces
Configuring Aggregate Interface Groups
Configuring Aggregate Ethernet Interfaces
Configuring VLAN Interfaces
Configuring Loopback Interfaces
Configuring Tap Interfaces
Configuring High Availability Interfaces
About Security Zones
Defining Security Zones
About Virtual Routers and Routing Protocols
Routing Information Protocol
Open Shortest Path First
Border Gateway Protocol
Redistribution Profiles
Defining Virtual Routers
About DHCP Options
About VLAN Support
About Network Profiles
Defining Interface Management Profiles
Defining Zone Protection Profiles
About Security Policies
Log Setting
About NAT Policies
NAT Policy Examples
About Policy-Based Forwarding Policies
About SSL Decryption Policies
Policies > SSL Decryption
Specifying Users and Applications for Policies
About Application Override Policies
Defining Application Override Policies
Policies > Application Override
About Captive Portal Policies
About Security Profiles
About Antivirus Profiles
Defining Anti-Spyware Profiles
About Vulnerability Protection Profiles
About URL Filtering Profiles
Defining File Blocking Profiles
Defining Data Filtering Profiles
About Other Policy Objects
About Addresses and Address Groups
Defining Address Groups
About Applications and Application Groups
Custom Applications with Signatures
About Application Filters
About Services and Service Groups
About Data Patterns
About Custom URL Categories
About Custom Threat Signatures
About Security Profile Groups
About Log Forwarding
About Schedules
Reports and Logs
Using the Dashboard
Using the Application Command Center
To view the Application Command Center:
Viewing App-Scope Reports
Summary Report
Change Monitor Report
Threat Monitor Report
Threat Map Report
Network Monitor Report
Traffic Map Report
Viewing the Logs
Managing PDF Summary Reports
Managing User Activity Reports
Managing Report Groups
Scheduling Reports for Email Delivery
Viewing Reports
Generating Custom Reports
Identifying Unknown Applications and Taking Action
Taking Action
Configuring IPSec Tunnels
About Virtual Private Networks
About IPSec VPNs and SSL VPNs
About VPN Tunnels
About IPSec and IKE
About IPSec and IKE Crypto Profiles
Setting Up IPSec VPNs
Defining IKE Gateways
Defining IKE Crypto Profiles
Defining IPSec Crypto Profiles
Setting Up IPSec Tunnels
Defining Tunnel Monitor Profiles
Viewing IPSec Tunnel Status on the Firewall
Sample VPN Configuration
•“Existing Topology” in the next section
•“New Topology” on page201
Existing Topology
New Topology
Configure the VPN Connection
VPN Connectivity Troubleshooting
Configuring SSL VPNs
About SSL VPNs
How the SSL VPN Works
Setting Up SSL VPNs
Adding a new SSL VPN
Downloading and Activating the NetConnect SSL VPN Client
Downloading and Activating the NetConnect SSL VPN Client
Creating a Local User Database
Adding Local Users
Adding Local User Groups
Configuring Quality of Service
•“About Firewall Support for QoS” in the next section
About Firewall Support for QoS
Configuring QoS for Firewall Interfaces
Defining QoS Profiles
Defining QoS Policies
Displaying QoS Statistics
Panorama Installation
•“Installing Panorama” in the next section
Installing Panorama
Setting Up a Custom Virtual Disk
Performing the Final Setup
Accessing Panorama for the First Time
Creating an SSL Certificate
Central Management of Devices
•“Accessing the Panorama Interface” in the next section
Accessing the Panorama Interface
About the Panorama Interface
Panorama Tab
Viewing Information on Individual Devices
Adding Devices
Defining Device Groups
Managing Administrator Roles
Specifying Access Domains for Administrators
Upgrading the Panorama Software
Backing Up Firewall Configurations
Custom Pages
•“Default Antivirus Response Page” in the next section
Default Antivirus Response Page
Default Application Block Page
Default File Blocking Block Page
Default URL Filtering Response Page
Default Anti-Spyware Download Response Page
Default SSL Decryption Opt-out Response Page
Captive Portal Comfort Page
URL Filtering Continue and Override Page
SSL VPN Login Page
SSL Certificate Revoked Notify Page
Application Categories, Subcategories, Technologies, and Characteristics
•“Application Categories and Subcategories” in the next section
Application Categories and Subcategories
Application Technologies
Application Characteristics
Federal Information Processing Standards Support
Open Source Licenses
Artistic License
GNU General Public License
GNU Lesser General Public License
0 of .
Results for:
No results containing your search query
P. 1
PA-3.1 Administrators Guide(2)

PA-3.1 Administrators Guide(2)

Ratings: (0)|Views: 2,542|Likes:
Published by Leonid Gruzdoff

More info:

Published by: Leonid Gruzdoff on Oct 23, 2010
Copyright:Attribution Non-commercial


Read on Scribd mobile: iPhone, iPad and Android.
download as PDF, TXT or read online from Scribd
See more
See less





You're Reading a Free Preview
Pages 6 to 60 are not shown in this preview.
You're Reading a Free Preview
Pages 66 to 71 are not shown in this preview.
You're Reading a Free Preview
Pages 77 to 119 are not shown in this preview.
You're Reading a Free Preview
Pages 125 to 263 are not shown in this preview.
You're Reading a Free Preview
Pages 269 to 274 are not shown in this preview.

Activity (5)

You've already reviewed this. Edit your review.
1 hundred reads
1 thousand reads
abusuan liked this
Lana Dani liked this
fengkaihao liked this

You're Reading a Free Preview

/*********** DO NOT ALTER ANYTHING BELOW THIS LINE ! ************/ var s_code=s.t();if(s_code)document.write(s_code)//-->