Sun Management - Rising Technologies

Labs

Teach a man to fish…

We help solve IT and cyber challenges by providing problem-solution virtual labs for ongoing learning. These labs focus on the key questions facing the information technology community and walk through how to solve challenges in the ever-changing technology and software landscape.

What are Labs?

The goal is to take part in the ongoing and open discussion of these challenges. We welcome suggestions for future Labs, or, if you are so inclined, you can create your own Lab and share it with us via education@sunmanagement.net

For access to live Palo Alto Networks boxes for lab practice purposes, please go to: https://www.paloaltonetworks.com/services/education/cybersecurity-skills-practice-lab
This is a no-charge service provided by Palo Alto Networks.

Sign up

If you would like to be notified by email when new labs become available, sign up here.

Current Lab

Using MineMeld for IoC Feed Aggregation

May 10, 2018

In order to prevent successful cyberattacks, many organizations collect indicators of compromise (IOCs) from various threat intelligence providers with the intent of creating new controls for their security devices. Unfortunately, legacy approaches to aggregation and enforcement are highly manual in nature, often creating complex workflows and extending the time needed to identify and validate which IOCs should be blocked.

Now security organizations can leverage MineMeld, an open-source application that streamlines the aggregation, enforcement and sharing of threat intelligence. This lab will walk you through the deployment and initial configuration of MineMeld as a dynamic data feed into your Palo Alto Networks firewall.

Next Lab

Auto-Tagging in PAN-OS 8.x

To mitigate the challenges of scale, lack of flexibility and performance, the architecture in networks today allows for clients, servers, and applications to be provisioned, changed, and deleted on demand. This agility poses a challenge for security administrators because they have limited visibility into the IP addresses of the dynamically provisioned clients and servers, and the plethora of applications that can be enabled on these virtual resources.
Starting with PAN-OS 8.0, the Palo Alto Networks firewall (hardware-based models and the VM-Series) supports the ability to register IP addresses and tags dynamically. For example, whenever the firewall generates a threat log, you can configure the firewall to tag the source IP address in the threat log with a specific tag name. This lab exercise walks you through how to do just that.

Past Labs

  • Using “Syslog Listener” to Collect User-ID data April 4, 2018

    User Identification is one of the most frequently asked for and effective features that can be used to control network…

  • Using Destination NAT to Isolate Internet Facing Services March 6, 2018

    We all have network services that must be exposed to the internet for our world to function — DNS, mail…

  • Migration to App-ID Based Security Policy February 2, 2018

    Legacy firewall rules are created around the Network (IPs) and Transport (Ports) layers of the Open Systems Interconnection (OSI) model.

  • Application-Based Quality of Service on Palo Alto Networks Firewalls January 3, 2018

    Quality of Service (QoS) on Palo Alto Networks firewalls represents a set of features used to prioritize and adjust quality…

  • Troubleshooting with counters, test, and Flow Basic December 1, 2017

    There are a myriad of decision points the firewall makes on a session as it is processed adding complexity to…

  • Deploying SSL Decryption with a Palo Alto Networks Firewall October 31, 2017

    Network Security Systems, including firewalls, can be configured to control (permit or deny) encrypted traffic, but cannot decipher the contents…

  • Enabling Zone and DoS Protection in Palo Alto Networks Firewalls October 6, 2017

    Denial of Service (DoS) and Distributed Denial of Service (DDoS) types of attack are attempts to disrupt network services by…

  • Automated Reporting in Palo Alto Firewalls March 7, 2017

    Your mission, should you choose to accept it, is to automate the generation and delivery of the various different reports…