
Palo Alto Firewall Course

by Yavuz BULUT
Network Consultant and Instructor

Chapter 1 - Introduction

- About the Instructor
- Course Contents
- About Palo Alto Certifications

Chapter 1 - About the Instructor

After establishing my own business in Malatya in 2001, I continued selling and installing telephone exchanges in Malatya until 2009 and in Istanbul from 2009 to 2011.

As my work was gradually becoming network-based, I closed my own business at the end of 2011 and entered the networking world by taking Cisco training.

I received my first Cisco certification, CCNA, in 2013, followed by CCNA Security in 2014, CCNA Voice in 2015, CCNP Routing and Switching in 2016, CCNA Collaboration in 2018, Cisco Video Network Specialist in 2018 and CCNP Enterprise in 2020.

Between 2013 and 2016, I worked as a project manager at a company in Istanbul that is a Cisco Gold Partner. After 2016, I began giving networking lessons and sharing free training videos on YouTube.

In 2017, I continued delivering training by establishing ICT Academy. As training slowly began to shift toward online education, I decided to publish all the training I had delivered through ICT Academy on Udemy starting in 2020.

Currently, I continue to deliver training on Udemy and provide consulting services to corporate companies.

Chapter 1 - Course Contents

Chapter 1 - Introduction
Course Contents, Overview of Palo Alto Certifications

Chapter 2 - Installation
Example Topology, Installation Preparation, Virtual Firewall Installation, Home Lab Installation Example, License

Chapter 3 - Network and Routing Settings
Creating Security Zone, Interface Settings, Sub Interface, Interface Management Profile, DHCP Server, Static Route

Chapter 4 - Security Policies - NAT
Security Policies Introduction, Dynamic NAT-PAT, Source NAT, Destination NAT, App-ID, Decryption, Using Tags

Chapter 5 - Security Profiles - Content-ID
Antivirus, Antispyware, Vulnerability & Exploit, URL Filtering, File Block and Data Filters, WildFire Analysis, DoS Protection, Zone Protection and DoS

Chapter 6 - Authentication and VPN
LDAP and Auth. Profile, Enable User-ID, Authentication Portal, Installing CA Certificate, VPN Zone and Tunnel Interface, GlobalProtect Gateway and Portal, GlobalProtect Portal SSL VPN Access, IPsec Site to Site VPN

Chapter 7 - Device Management
Panorama, Role-Based Administration, Password Recovery, Backup and Restore, PAN-OS Software Update, High Availability - HA

Chapter 1 - PA Certificates

Overview of Palo Alto Certifications

Palo Alto Networks Certified Network Security Administrator
- 22% Palo Alto Networks Security Operating Platform Core Components
- 24% Simply Passing Traffic
- 20% Traffic Visibility
- 18% Securing Traffic
- 18% Identifying Users
- 4% Deployment Optimization

Palo Alto Networks Certified Network Security Engineer
- 16% Plan
- 23% Deploy and Configure
- 20% Operate
- 18% Configuration Troubleshooting
- 23% Core Concepts

Exam formats:
80 Minutes, 75 Questions, Multiple Choice, Scenarios with Graphics, and Matching
90 Minutes, 50 Questions, Multiple Choice, Scenarios with Graphics, and Matching

https://home.pearsonvue.com/paloaltonetworks

Chapter 2 - Installation and Basic Settings

- Example Topology
- Installation Preparation
- Firewall Installation
- Home Lab
- License

Chapter 2 - Example Topology

Palo Alto Firewall Lab Topology

Istanbul Office firewall
- Management Port: 192.168.10.200
- Eth 1/1 (Outside Zone): 44.34.0.1
- Eth 1/2 (Inside Zone): 172.16.0.254
- Eth 1/3 (DMZ Zone): 10.1.0.254
- DMZ Zone: Web Server 10.1.0.100
- Inside Zone: Client-1, Client-2, Active Directory 172.16.0.110

Ankara Office firewall
- Management Port: 192.168.30.200
- Eth 1/1 (Outside Zone): 44.34.0.2
- Eth 1/2 (Inside Zone): 192.168.20.254
- Inside Zone subnet: 192.168.20.0 / 24

Outside Zone network between the two offices: 44.34.0.0 / 24

Chapter 2 - Home Lab Topology

Workstation Pro Example
- Vmnet Bridge: 192.168.1.0
- Vmnet-1: 172.16.0.0
- Vmnet-2: 10.1.0.0
- Vmnet-3: 192.168.20.0

Istanbul Office firewall
- Management Port: 192.168.1.100
- Eth 1/1 (Outside Zone): 192.168.1.201
- Eth 1/2 (Inside Zone): 172.16.0.254
- Eth 1/3 (DMZ Zone): 10.1.0.254
- DMZ Zone: Web Server 10.1.0.100
- Inside Zone: Active Directory 172.16.0.110

Ankara Office firewall
- Management Port: 192.168.1.101
- Eth 1/1 (Outside Zone): 192.168.1.202
- Eth 1/2 (Inside Zone): 192.168.20.254
- Inside Zone subnet: 192.168.20.0 / 24

Outside Zone network between the two offices: 192.168.1.0 / 24

Chapter 2 - Sub Interface

Creating a Sub Interface

Sub-interfaces on the Trunk Port:

Interface          IP address           VLAN        Subnet
Interface 1/4.10   172.16.11.254 /24    Vlan - 11   172.16.11.0 /24
Interface 1/4.20   172.16.12.254 /24    Vlan - 12   172.16.12.0 /24
Interface 1/4.30   172.16.13.254 /24    Vlan - 13   172.16.13.0 /24

Chapter 2 - DHCP Server

DHCP Server Configuration

DHCP Server

Sub-interfaces on the Trunk Port:

Interface          IP address           VLAN        Subnet
Interface 1/4.10   172.16.11.254 /24    Vlan - 11   172.16.11.0 /24
Interface 1/4.20   172.16.12.254 /24    Vlan - 12   172.16.12.0 /24
Interface 1/4.30   172.16.13.254 /24    Vlan - 13   172.16.13.0 /24

Chapter 2 - DHCP Relay

DHCP Relay Configuration

DHCP Server: 172.16.44.144

Sub-interfaces on the Trunk Port:

Interface          IP address           VLAN        Subnet
Interface 1/4.10   172.16.11.254 /24    Vlan - 11   172.16.11.0 /24
Interface 1/4.20   172.16.12.254 /24    Vlan - 12   172.16.12.0 /24
Interface 1/4.30   172.16.13.254 /24    Vlan - 13   172.16.13.0 /24

Chapter 3 - Network and Routing Settings

- Security Zone Creation
- Creating a Virtual Router
- Interface Settings
- Interface Management Profile
- Sub Interface
- DHCP Server and DHCP Relay
- Static Route

Chapter 4 - Security Policies - NAT

- Security Policies Introduction
- Dynamic NAT (PAT)
- Static (Source) NAT
- Destination NAT
- App-ID and App Filters
- Decryption (HTTPS Inspection)
- Using Tags

Chapter 4 - SSL Decryption

Decryption - HTTPS Inspection

HTTPS Internet traffic uses the TLS (Transport Layer Security) protocol, which encrypts traffic to ensure data privacy and integrity. However, HTTPS traffic carries some security risks: it can hide illegal user activities and malicious traffic. Because HTTPS traffic is encrypted, Security Gateways (firewalls) cannot inspect it. You can enable HTTPS Inspection to allow Security Gateways to establish a new TLS connection with the site or server. With HTTPS Inspection enabled, Security Gateways (firewalls) can decrypt and inspect HTTPS traffic that uses TLS connections.

Security Gateways use certificates to act as intermediaries between the client computer and the secure web (HTTPS) site. All data is kept private in HTTPS Inspection logs. Only authorized persons can see these logs.

Chapter 5 - Security Profiles - Content-ID

- Antivirus
- Anti-Spyware
- Vulnerability
- URL Filtering
- File Block
- Data Filters
- WildFire Analysis
- DoS Protection
- Zone Protection DoS

Chapter 6 - Authentication and VPN

- LDAP and Authentication Profiles
- Enable User-ID
- Authentication Portal
- Installing CA Certificate
- VPN Zone and Tunnel Interface
- GlobalProtect Gateway and Portal Settings
- SSL VPN Access with GlobalProtect Portal
- IPsec Site to Site VPN

Chapter 6 - Authentication and VPN

IPsec Site to Site VPN

1- Creating Zone and Tunnel Interface
2- IKE Crypto Profile - Phase 1
3- IPsec Crypto Profile - Phase 2
4- Creating an IKE Gateway
5- IPsec Tunnel Creation
6- Configuring Static Route
7- Adding Security Policies

Istanbul
- Tunnel Interface .2: 10.4.0.1/30
- Eth 1/1: 44.34.0.1/24
- Istanbul Subnet: 172.16.0.0 / 24

Ankara
- Tunnel Interface .2: 10.4.0.2/30
- Eth 1/1: 44.34.0.2/24
- Ankara Subnet: 192.168.20.0 / 24

* IKE = Internet Key Exchange

Chapter 7 - Device Management

- Role-Based Administration
- PAN-OS Software Update
- High Availability - HA
- Panorama
- Export - Factory Reset - Import Config

Chapter 7 - Device Management

High Availability - HA

HA-1: 1.1.1.1/30
HA-1: 1.1.1.2/30
Active Fw Mgmt: 192.168.10.200/24
Passive Fw Mgmt: 192.168.10.201/24

Chapter 7 - Device Management

Panorama
