Book Description

Set up next-generation firewalls from Palo Alto Networks and get to grips with configuring and troubleshooting using the PAN-OS platform

Key Features

  • Understand how to optimally use PAN-OS features
  • Build firewall solutions to safeguard local, cloud, and mobile networks
  • Protect your infrastructure and users by implementing robust threat prevention solutions

Book Description

To safeguard against security threats, it is crucial to ensure that your organization is effectively secured across networks, mobile devices, and the cloud. Palo Alto Networks' integrated platform makes it easy to manage network and cloud security along with endpoint protection and a wide range of security services. With this book, you'll understand Palo Alto Networks and learn how to implement essential techniques, right from deploying firewalls through to advanced troubleshooting.

The book starts by showing you how to set up and configure the Palo Alto Networks firewall, helping you to understand the technology and appreciate the simple, yet powerful, PAN-OS platform. Once you've explored the web interface and command-line structure, you'll be able to predict expected behavior and troubleshoot anomalies with confidence. You'll learn why and how to create strong security policies and discover how the firewall protects against encrypted threats. In addition to this, you'll get to grips with identifying users and controlling access to your network with user IDs and even prioritize traffic using quality of service (QoS). The book will show you how to enable special modes on the firewall for shared environments and extend security capabilities to smaller locations.

By the end of this network security book, you'll be well-versed in advanced troubleshooting techniques and best practices recommended by an experienced security engineer and Palo Alto Networks expert.

What you will learn

  • Perform administrative tasks using the web interface and command-line interface (CLI)
  • Explore the core technologies that will help you boost your network security
  • Discover best practices and considerations for configuring security policies
  • Run and interpret troubleshooting and debugging commands
  • Manage firewalls through Panorama to reduce administrative workloads
  • Protect your network from malicious traffic via threat prevention

Who this book is for

This book is for network engineers, network security analysts, and security professionals who want to understand and deploy Palo Alto Networks in their infrastructure. Anyone looking for in-depth knowledge of Palo Alto Networks technologies, including those who currently use Palo Alto Networks products, will find this book useful. Intermediate-level network administration knowledge is necessary to get started with this cybersecurity book.

Table of Contents

  1. Mastering Palo Alto Networks
  2. Why subscribe?
  3. Contributors
  4. About the author
  5. About the reviewers
  6. Packt is searching for authors like you
  7. Preface
    1. Who this book is for
    2. What this book covers
    3. To get the most out of this book
    4. Download the example code files
    5. Code in Action
    6. Download the color images
    7. Conventions used
    8. Get in touch
    9. Reviews
  8. Section 1: First Steps and Basic Configuration
  9. Chapter 1: Understanding the Core Technologies
    1. Technical requirements
    2. Understanding the zone-based firewall
      1. Expected behavior when determining zones
    3. Understanding App-ID and Content-ID
      1. How App-ID gives more control
      2. How Content-ID makes things safe
    4. The management and data plane
    5. Authenticating users with User-ID
    6. Summary
  10. Chapter 2: Setting Up a New Device
    1. Technical requirements
    2. Gaining access to the user interface
      1. Connecting to the web interface and CLI
    3. Adding licenses and setting up dynamic updates
      1. Creating a new account
      2. Registering a new device
      3. Activating licenses
      4. Downloading and scheduling dynamic updates
    4. Upgrading the firewall
      1. Understanding the partitions
      2. Upgrade considerations
      3. Upgrading via the CLI
      4. Upgrading via the web interface
    5. Hardening the management interface
      1. Limiting access via an access List
      2. Accessing internet resources from offline management
      3. Admin accounts
    6. Understanding the interface types
      1. VWire
      2. The Layer 3 interface
      3. The Layer 2 interface and VLANs
      4. The loopback interface
      5. The tunnel interface
      6. Subinterfaces
      7. HA interfaces
      8. AE interfaces
      9. Tap interfaces
      10. The Decryption Port Mirror interface
  11. Section 2: Advanced Configuration and Putting the Features to Work
  12. Chapter 3: Building Strong Policies
    1. Technical requirements
    2. Understanding and preparing security profiles
      1. The Antivirus profile
      2. The Anti-Spyware profile
      3. The Vulnerability Protection profile
      4. URL filtering
      5. The file blocking profile
      6. The WildFire Analysis profile
      7. Custom objects
      8. Security profile groups
    3. Understanding and building security rules
      1. Dropping "bad" traffic
      2. Allowing applications
      3. Controlling logging and schedules
      4. Address objects
      5. Tags
      6. Policy Optimizer
    4. Creating NAT rules
      1. Inbound NAT
      2. Outbound NAT
    5. Summary
  13. Chapter 4: Taking Control of Sessions
    1. Technical requirements
    2. Controlling the bandwidth with quality of service policies
      1. DSCP and ToS headers
      2. QoS enforcement in the firewall
    3. Leveraging SSL decryption to break open encrypted sessions
      1. SSH proxy
      2. SSL forward proxy
      3. SSL Inbound Inspection
    4. Redirecting sessions over different paths using policy-based forwarding
      1. Redirecting critical traffic
      2. Load balancing
    5. Summary
  14. Chapter 5: Services and Operational Modes
    1. Technical requirements
    2. Applying a DHCP client and DHCP server
      1. DHCP client
      2. DHCP server and relay
    3. Configuring a DNS proxy
    4. Setting up high availability
      1. Active/Passive mode
      2. Active/Active mode
      3. Firewall states
      4. High-availability interfaces
      5. Setting up Active/Passive mode
      6. Setting up Active/Active
    5. Enabling virtual systems
      1. Creating a new VSYS
      2. Inter-VSYS routing
      3. Creating a shared gateway
    6. Managing certificates
    7. Summary
  15. Chapter 6: Identifying Users and Controlling Access
    1. Technical requirements
    2. User-ID basics
      1. Preparing Active Directory and setting up the agents
    3. Configuring group mapping
    4. Setting up a captive portal
      1. Authenticating users
    5. Using an API for User-ID
    6. User credential detection
    7. Summary
  16. Chapter 7: Managing Firewalls through Panorama
    1. Technical requirements
    2. Setting up Panorama
      1. Initial Panorama configuration
      2. Panorama logging
    3. Device groups
      1. Adding managed devices
      2. Preparing device groups
      3. Creating policies and objects
      4. Important things to know when creating objects in device groups
    4. Setting up templates and template stacks
    5. Panorama management
      1. Device deployment
      2. Migrating unmanaged to managed devices
      3. Panorama HA
      4. Tips and tricks
    6. Summary
  17. Section 3: Maintenance and Troubleshooting
  18. Chapter 8: Upgrading Firewalls and Panorama
    1. Technical requirements
    2. Documenting the key aspects
      1. Upgrade considerations
    3. Preparing for the upgrade
    4. The upgrade process
      1. Upgrading a single Panorama instance
      2. Upgrading a Panorama HA cluster
      3. Upgrading a single firewall
      4. Upgrading a firewall cluster
      5. Upgrading log collectors (or firewalls) through Panorama
      6. After the upgrade
    5. The rollback procedure
    6. Special case for upgrading older hardware
    7. The downgrade procedure
    8. Summary
  19. Chapter 9: Logging and Reporting
    1. Technical requirements
    2. Log storage and forwarding
    3. Configuring log collectors and log collector groups
    4. Logging Service
    5. External logging
    6. Configuring log forwarding
      1. System logs
      2. Session logs
    7. Reporting
      1. Pre-defined reports
      2. Custom reports
    8. The Application Command Center
    9. Filtering logs
    10. Summary
  20. Chapter 10: VPN and Advanced Protection
    1. Technical requirements
    2. Setting up the VPN
      1. Configuring the IPSec site-to-site VPN
      2. Configuring GlobalProtect
    3. Custom applications and threats
      1. Application override
      2. Signature-based custom applications
      3. Custom threats
    4. Zone protection and DoS protection
      1. System protection settings
      2. Configuring zone protection
      3. Configuring DoS protection
    5. Summary
  21. Chapter 11: Troubleshooting Common Session Issues
    1. Technical requirements
    2. Using the tools at our disposal
      1. Log files
      2. Packet captures
      3. Botnet reports
    3. Interpreting session details
    4. Using the troubleshooting tool
    5. Using maintenance mode to resolve and recover from system issues
    6. Summary
  22. Chapter 12: A Deep Dive into Troubleshooting
    1. Technical requirements
    2. Understanding global counters
    3. Analyzing session flows
      1. Preparation
      2. Execution
      3. Cleanup
      4. A practical example
    4. Debugging processes
    5. CLI troubleshooting commands cheat sheet
    6. Summary
  23. Chapter 13: Supporting Tools
    1. Technical requirements
    2. Integrating Palo Alto Networks with Splunk
    3. Monitoring with Pan(w)achrome
    4. Threat intelligence with MineMeld
    5. Exploring the API
    6. Summary
  24. Other Books You May Enjoy
    1. Leave a review - let other readers know what you think