EDU-214 Firewall 10.2: Optimizing Firewall Threat Prevention

  • Duration: 3 days
  • Price: Contact For Price
  • Certifications: Palo Alto Networks Certified Network Security Administrator (PCNSA)

The Palo Alto Networks Firewall 10.0: Improving Security Posture and Hardening PAN-OS (EDU-214) course is three days of instructor-led training that will help you to:

  • Determine the efficacy of your current security policies
  • Develop workflows for managing your security posture
  • Identify rule usage across security policy sets
  • Modify your existing policy set to implement Security Best Practices
  • Monitor network traffic using the interactive web interface and firewall reports
  • Utilize tools such as the BPA tool to further understand your environment

Successful completion of this three-day, instructor-led course will help the student manage and maintain an existing environment protected by Palo Alto Networks firewalls. The student will learn how to improve non-greenfield environments and will be better equipped to ensure that configurations match security best practice. The student will also be able to develop their own operational strategy to maintain a high level of compliance.

Security Engineers, Security Administrators, Security Operations Specialists, Security Analysts, and Support Staff

Students must have completed the “Firewall Essentials: Configuration and Management” course. Students also should be familiar with basic security concepts. Experience with other security technologies (IPS, proxy, and content filtering) is an advantage.

  • Introduction
    • Course Overview
    • Course scenario description
    • BPA tool, ACC, logging, and reporting
    • Lab architecture
  • Security Profiles
    • Review of Content-ID
    • Defining context for Security Profiles
    • Creation of profile groups
  • Daily Operations and Maintenance
    • Software release cycle
    • App-ID and threat update best practices and process
    • Policy description and audit best practices
  • Establish Initial Baseline Visibility
    • Log Forwarding Profiles
    • Syslog, email, SNMP traps, and formatting
    • Custom and pre-made reporting
    • Dynamic user and address groups
  • Analyze and Update Security Rules Passing Traffic
    • Expedition for BPA
    • Policy Optimizer
    • Application-centric rules
    • Categorizing traffic into Inbound, Outbound, and Internal flows
  • Inbound Security Rules Best Practices and Analysis
    • Inbound threat protection
    • Workflow for false positives
    • Inbound SSL Decryption best practices
  • Outbound Security Rules Best Practices and Analysis
    • User-ID
    • URL Filtering Profiles
    • Credential theft
    • Custom URL categories
    • Outbound SSL decryption best practices
  • Internal Security Rules Best Practices and Analysis
    • Internal traffic security best practices
    • Internal traffic requirement workflows
    • Application Override policies
    • Intrazone traffic best practices
  • Administratively Hardening PAN-OS
    • Role-based access control
    • Multi-factor authentication
    • Administrative best practice principles
    • Hardening administrative interfaces
  • Reducing Policy set and Simplification
    • Tag unused rules using Policy Optimizer
    • Implement policy hygiene
    • Describe how to use Address Groups and regions to reduce the policy set
    • Describe Zero Trust architecture
