What are Labs?
The goal is to take part in the ongoing and open discussion of these challenges. We welcome suggestions for future Labs or if you are so inclined you can create your own Lab and share it with us via email@example.com
For access to live Palo Alto Networks boxes for lab practice purposes please go to: https://www.paloaltonetworks.com/services/education/cybersecurity-skills-practice-lab
This is a no charge service provided by Palo Alto Networks.
If you would like to be notified by email when new labs become available, sign up here.
Quality of Service (QoS) on Palo Alto Networks firewalls represents a set of features used to prioritize and adjust quality aspects of network traffic. There are a variety of options that comes as an integral part of the PAN-OS gives the firewall administrator an ability to regulate traffic. This lab will explore using those options to get your bandwidth consumption under control.
Migration to App-ID Based Security Policy
Legacy firewall rules are created around the Network (IPs) and Transport (Ports) layers of the Open Systems Interconnection (OSI) model. During a phased migration, legacy firewall rules are often converted to Palo Alto with like functionality to reduce downtime and ensure successful migration. Though one of the key strengths of Palo Alto firewalls is the ability to apply security rules at the Application layer (layer 7) via App-ID. Applications and application functions are identified by Palo Alto firewalls via multiple techniques, including application signatures (App-ID), decryption (if needed), protocol decoding, and heuristics.
You have successfully migrated to a Palo Alto firewall as part of your phased deployment with a IP/port/protocol based ruleset. As part of the second phase of the migration you will leverage the PAN Migration Tool to streamline rule cleanup and conversion to application rules.
Troubleshooting with counters, test, and Flow Basic
December 1, 2017
There are a myriad of decision points the firewall makes on a session as it is processed adding complexity toRead More
Deploying SSL Decryption with a Palo Alto Networks Firewall
October 31, 2017
Network Security Systems, including firewalls, can be configured to control (permit or deny) encrypted traffic, but cannot decipher the contentsRead More
Enabling Zone and DoS Protection in Palo Alto Networks Firewalls
October 6, 2017
Denial of Service (DoS) and Distributed Denial of Service (DDoS) types of attack are attempts to disrupt network services byRead More
Automated Reporting in Palo Alto Firewalls
March 7, 2017
Your mission, should you choose to accept it, is to automate the generation and delivery of the various different reportsRead More