Palo Alto Networks FIREWALL 8.0 ESSENTIALS: CONFIGURATION AND MANAGEMENT(PAN EDU-210)

コード 会場 TJ
期間 5日間 時間 9:30~17:30
形式
  • 講義
  • 実機演習
受講料金 別途お見積

目的

コースを修了すると、次の事ができるようになります。
● Palo Alto Networks製品のインストール、設定および管理することができる

対象

・パロアルトネットワークス社次世代ファイアウォールに携わるエンジニアの方

前提

・ルーティング、スイッチング、IPアドレス等ネットワークの基礎知識
・ポートベースのセキュリティ基礎知識
・他のセキュリティ技術(IPS、プロキシ、コンテンツ・フィルタリング)経験があるとよい(必須ではない)

詳細

1. Next-Generation Security Platform and Architecture
- Security platform overview
- Next-generation firewall architecture
- Zero Trust security model
- Public cloud security
- Firewall offerings

2. Initial Configuration
- Administrative controls
- Initial access to the system
- Configuration management
- Licensing and software updates
- Account administration
- Viewing and filtering logs

3. Interface Configuration
- Security zones and interfaces
- Tap interfaces
- Virtual Wire interfaces
- Layer 2 interfaces
- Layer 3 interfaces
- Virtual routers
- VLAN interfaces
- Loopback interfaces
- Policy-based forwarding

4. Security and NAT Policies
- Security policy fundamental concepts
- Security policy administration
- Network Address Translation
- Source NAT configuration
- Destination NAT configuration

5. App-ID
- Application Identification (App-ID) overview
- Using App-ID in a Security policy
- Identifying unknown application traffic
- Updating App-ID

6. Content-ID
- Content-ID overview
- Vulnerability Protection Security Profiles
- Antivirus Security Profiles
- Anti-Spyware Security Profiles
- File Blocking Profiles
- Attaching Security Profiles to Security policy rules
- Telemetry and threat intelligence
- Denial of service protection

7. URL Filtering
- URL Filtering Security Profiles
- Attaching URL Filtering Profiles

8. Decryption
- Decryption concepts
- Certificate management
- SSL Forward Proxy decryption
- SSL Inbound Inspection
- Other decryption topics

9. WildFire
- WildFire concepts
- Configuring and managing WildFire
- WildFire reporting

10. User-ID
- User-ID overview
- User mapping methods overview
- Configuring User-ID
- PAN-OS® integrated agent configuration
- Windows-based agent configuration
- Configuring group mapping
- User-ID and Security policy

11. GlobalProtect
- GlobalProtect overview
- Preparing the firewall for GlobalProtect
- Configuration: GlobalProtect Portal
- Configuration: GlobalProtect Gateway
- Configuration: GlobalProtect agents

12. Site-to-Site VPNs
- Site-to-site VPN
- Configuring site-to-site tunnels
- IPsec troubleshooting

13. Monitoring and Reporting
- Dashboard, ACC, and Monitor
- Log forwarding
- Syslog
- Configuring SNMP

14. Active/Passive High Availability
- HA components and operation
- Active/passive HA configuration
- Monitoring HA state

15. What’s Next
- Operational guidelines
- Analyzing ACC information
- Optimizing Security Profiles

お問い合わせ窓口へ

Network Academy
pagetop