Book description
Set up next-generation firewalls from Palo Alto Networks and get to grips with configuring and troubleshooting using the PAN-OS platform
Key Features
- Understand how to optimally use PAN-OS features
- Build firewall solutions to safeguard local, cloud, and mobile networks
- Protect your infrastructure and users by implementing robust threat prevention solutions
Book Description
To safeguard against security threats, it is crucial to ensure that your organization is effectively secured across networks, mobile devices, and the cloud. Palo Alto Networks' integrated platform makes it easy to manage network and cloud security along with endpoint protection and a wide range of security services. With this book, you'll understand Palo Alto Networks and learn how to implement essential techniques, right from deploying firewalls through to advanced troubleshooting.
The book starts by showing you how to set up and configure the Palo Alto Networks firewall, helping you to understand the technology and appreciate the simple, yet powerful, PAN-OS platform. Once you've explored the web interface and command-line structure, you'll be able to predict expected behavior and troubleshoot anomalies with confidence. You'll learn why and how to create strong security policies and discover how the firewall protects against encrypted threats. In addition to this, you'll get to grips with identifying users and controlling access to your network with user IDs and even prioritize traffic using quality of service (QoS). The book will show you how to enable special modes on the firewall for shared environments and extend security capabilities to smaller locations.
By the end of this network security book, you'll be well-versed with advanced troubleshooting techniques and best practices recommended by an experienced security engineer and Palo Alto Networks expert.
What you will learn
- Perform administrative tasks using the web interface and command-line interface (CLI)
- Explore the core technologies that will help you boost your network security
- Discover best practices and considerations for configuring security policies
- Run and interpret troubleshooting and debugging commands
- Manage firewalls through Panorama to reduce administrative workloads
- Protect your network from malicious traffic via threat prevention
Who this book is for
This book is for network engineers, network security analysts, and security professionals who want to understand and deploy Palo Alto Networks in their infrastructure. Anyone looking for in-depth knowledge of Palo Alto Network technologies, including those who currently use Palo Alto Network products, will find this book useful. Intermediate-level network administration knowledge is necessary to get started with this cybersecurity book.
Table of contents
- Table of Contents
- Preface
- Who this book is for
- What this book covers
- To get the most out of this book
- Download the example code files
- Code in Action
- Download the color images
- Conventions used
- Get in touch
- Reviews
- Section 1: First Steps and Basic Configuration
- Chapter 1: Understanding the Core Technologies
- Technical requirements
- Understanding the zone-based firewall
- Understanding App-ID and Content-ID
- The management and data plane
- Authenticating users with User-ID
- Summary
- Chapter 2: Setting Up a New Device
- Technical requirements
- Gaining access to the user interface
- Adding licenses and setting up dynamic updates
- Upgrading the firewall
- Hardening the management interface
- Understanding the interface types
- Section 2: Advanced Configuration and Putting the Features to Work
- Chapter 3: Building Strong Policies
- Technical requirements
- Understanding and preparing security profiles
- Understanding and building security rules
- Creating NAT rules
- Summary
- Chapter 4: Taking Control of Sessions
- Technical requirements
- Controlling the bandwidth with quality of service policies
- Leveraging SSL decryption to break open encrypted sessions
- Redirecting sessions over different paths using policy-based forwarding
- Summary
- Chapter 5: Services and Operational Modes
- Technical requirements
- Applying a DHCP client and DHCP server
- Configuring a DNS proxy
- Setting up high availability
- Enabling virtual systems
- Managing certificates
- Summary
- Chapter 6: Identifying Users and Controlling Access
- Technical requirements
- User-ID basics
- Configuring group mapping
- Setting up a captive portal
- Using an API for User-ID
- User credential detection
- Summary
- Chapter 7: Managing Firewalls through Panorama
- Technical requirements
- Setting up Panorama
- Device groups
- Setting up templates and template stacks
- Panorama management
- Summary
- Section 3: Maintenance and Troubleshooting
- Chapter 8: Upgrading Firewalls and Panorama
- Technical requirements
- Documenting the key aspects
- Preparing for the upgrade
- The upgrade process
- The rollback procedure
- Special case for upgrading older hardware
- The downgrade procedure
- Summary
- Chapter 9: Logging and Reporting
- Technical requirements
- Log storage and forwarding
- Configuring log collectors and log collector groups
- Logging Service
- External logging
- Configuring log forwarding
- Reporting
- The Application Command Center
- Filtering logs
- Summary
- z: VPN and Advanced Protection
- Technical requirements
- Setting up the VPN
- Custom applications and threats
- Zone protection and DoS protection
- Summary
- Chapter 11: Troubleshooting Common Session Issues
- Technical requirements
- Using the tools at our disposal
- Interpreting session details
- Using the troubleshooting tool
- Using maintenance mode to resolve and recover from system issues
- Summary
- Chapter 12: A Deep Dive into Troubleshooting
- Technical requirements
- Understanding global counters
- Analyzing session flows
- Debugging processes
- CLI troubleshooting commands cheat sheet
- Summary
- Chapter 13: Supporting Tools
- Technical requirements
- Integrating Palo Alto Networks with Splunk
- Monitoring with Pan(w)achrome
- Threat intelligence with MineMeld
- Exploring the API
- Summary
- Other Books You May Enjoy
- Leave a review - let other readers know what you think
Product information
- Title: Mastering Palo Alto Networks
- Author(s):
- Release date: September 2020
- Publisher(s): Packt Publishing
- ISBN: 9781789956375
You might also like
video
Mastering Palo Alto Networks
Dominate and take control of all the features that Palo Alto firewalls can offer to protect …
audiobook
Mastering Palo Alto Networks - Second Edition
Deploy and manage industry-leading PAN-OS 10.x solutions to secure your users and infrastructure About This Audiobook …
book
Mastering Palo Alto Networks - Second Edition
Deploy and manage industry-leading PAN-OS 10.x solutions to secure your users and infrastructure Key Features Understand …
video
Learning the Cisco Application-Centric Infrastructure (ACI)
Automation, objects, and policies are replacing traditional networks as we know them. North-to-South or East-to-West traffic …