Duration 5 days – 35 hrs
Overview
This training course is designed to prepare participants for the Palo Alto Networks Certified Network Security Engineer (PCNSE) certification. The course provides a comprehensive understanding of Palo Alto Networks technologies, including firewall configurations, network security concepts, and advanced troubleshooting skills. By the end of this course, participants will be equipped with the knowledge and skills required to deploy, manage, and operate Palo Alto Networks security platforms effectively.
Objectives
- Understand the core features and functionalities of Palo Alto Networks firewalls and security solutions.
- Learn how to configure and manage Palo Alto Networks Next-Generation Firewalls.
- Gain expertise in managing and troubleshooting network security, advanced policies, and user management.
- Prepare for the Palo Alto Networks Certified Network Security Engineer (PCNSE) certification exam.
- Master the concepts of Security, Networking, Threat Prevention, VPNs, and Application Identification
Audience
- Network Security Engineers
- IT Professionals working with Palo Alto Networks security solutions
- System Administrators and Security Analysts
- Professionals preparing for the PCNSE certification exam
Pre- requisites
- Basic understanding of networking concepts (TCP/IP, subnetting, routing, etc.).
- Experience with firewalls or other security technologies is recommended.
- Familiarity with general cybersecurity concepts and practices.
Course Content
Introduction to Palo Alto Networks and Next-Generation Firewalls
- Overview of Palo Alto Networks’ product offerings
- Core firewall architecture and packet flow
- Understanding the role of the next-generation firewall
Initial Configuration and Interface Setup
- Configuring administrative access
- Setting up interfaces and zones
- Security policies and NAT configurations
Security and NAT Policies
- Creating and managing security policies
- Policy best practices and troubleshooting
- Understanding NAT types and configurations
App-ID, Content-ID, and URL Filtering
- Application Identification and control
- Configuring URL filtering profiles and policies
- Managing and controlling web access
User-ID and SSL Decryption
- User identification and mapping users to IP addresses
- Implementing SSL decryption policies
- Best practices for deploying User-ID and SSL Decryption
Threat Prevention and WildFire
- Configuring Threat Prevention profiles (Anti-Virus, Anti-Spyware, Vulnerability Protection)
- Introduction to WildFire and its integration
- Advanced Threat Prevention settings
VPN Configurations
- Site-to-site and GlobalProtect VPN setup
- Configuring VPN policies and troubleshooting common issues
- Understanding the role of IPsec and SSL VPN
Logging, Reporting, and Monitoring
- Logging and monitoring traffic and threats
- Using the Palo Alto Networks Dashboard
- Configuring alerts and automated reports
Panorama Overview and Management
- Introduction to Panorama for centralized management
- Configuration and deployment of devices using Panorama
- Best practices for centralized policy management
Advanced Troubleshooting Techniques
- Troubleshooting tools and CLI commands
- Resolving connectivity and policy issues
- Advanced debugging techniques for common network problems