PALO ALTO NEXT GENERATION

FIREWALL
Palo Alto Networks firewalls are next-generation
security appliances that provide advanced threat
prevention and network security capabilities.

Key Features:Application-based visibility and control

• Intrusion prevention system (IPS)
• Threat intelligence integration
• URL filtering and content inspection
• User-based policies
• VPN (Virtual Private Network) capabilities
 Palo Alto Firewall Architecture
• Overview of the architecture:Single-pass
architecture
• Control plane and data plane separation
• Hardware and software components
• High availability (HA) options
Palo Alto Firewall Deployment Scenarios

• Different deployment scenarios:

• Layer 2 deployment
• Layer 3 deployment
• Virtual Wire deployment
• Tap mode deployment
• VPN deployment
 Palo Alto Firewall Policies
• Policy Basics:
– Security policies
– NAT policies
• Policy Configuration:
– Creating policies
– Policy evaluation order
– Rulebase best practices
 Threat Prevention
• Overview of Threat Prevention
features:Intrusion Prevention System (IPS)
• Antivirus and Anti-Spyware
• WildFire (Advanced Threat Protection)
• File blocking and data filtering
• DNS Security
 Application Control
• Application Identification:
– App-ID technology
– Application characteristics
• Application Control Features:
– Application-based policies
– Application-based QoS
– Application visibility and reporting
 URL Filtering and Content Inspection

• URL Filtering:
– URL Categories
– Custom URL Categories
• Content Inspection:
– File blocking
– Data filtering
 User Identification and Policies
• User Identification Methods:
– Active Directory integration
– Captive Portal
– Terminal Server Agent (TSA)
• User-based Policies:
– User-based security policies
– User-based QoS policies
Network Address Translation (NAT)
• NAT Concepts:
– Source NAT
– Destination NAT
– NAT64
• NAT Configuration:
– NAT rules and policies
– NAT troubleshooting
 Virtual Private Networks (VPNs)
• VPN Types:
– Site-to-Site VPNs
– GlobalProtect Remote Access VPNs
• VPN Configuration:
– VPN profiles
– IPsec and SSL/TLS VPNs
– VPN troubleshooting
 High Availability (HA)
• HA Concepts:
– Active/Passive and Active/Active modes
– HA synchronization
– Failover scenarios
• HA Configuration:
– HA pairs and clusters
– HA deployment best practices
 Management and Reporting
• Panorama Management:
– Centralized device management
– Device groups and templates
• Logging and Reporting:
– Logs and log forwarding
– Threat and traffic reports
 Best Practices and Recommendations

• Best Practices:
– Secure configuration
– Regular software updates
– User training and awareness
• Recommendations:
– Integration with other security solutions
– Continuous monitoring and threat intelligence