Palo Alto Online Training

Palo Alto Online Training



    Palo Alto Networks offers an enterprise cybersecurity platform which provides network security, cloud security, endpoint protection, and various cloud-delivered security services. There are three principal groups that come together to build the Palo Alto Networks cybersecurity portfolio. They are Strata, Prisma, and Cortex. Palo Alto Networks Next Generation Firewalls (NGFW) give security teams complete visibility and control over all network using powerful traffic identification, malware prevention, and threat intelligence technologies.

    Course Content

    1.Platforms and Architecture

    • Introduction of firewall
    • Single Pass Architecture and Flow Logic
    • Parallel processing of Palo Alto
    • Types of firewall
    • State full inspection of Firewall
    • Packet Filtering Firewall
    • Application aware firewall
    • Basic Wire shark packet analysis (ICMP, DNS, TCP, UDP SSH, SSL)

    2.Initial Configuration

    • Initial Access to the System
    • Introduction of Palo alto CLI
    • Control plane and data plan in Palo Alto
    • Difference between Operational mode and Configuration mode
    • Configuration Management
    • Licensing and Software Updates
    • Account Administration
    • Difference between Candidate configuration and running configuration

    3.Interface Configuration

    • Introduction to Security Zones
    • Layer 2 deployment of Palo Alto
    • Layer2 deployment with logical vlan interface
    • Layer2 deployment with same vlan /different vlan
    • TAP mode deployment with Scenario
    • V-wire mode deployment of Palo Alto
    • Layer 3 configuration of Palo Alto interface
    • Sub-interfaces Configuration and Inter-vlan Routing
    • Service route configuration on interface
    • DHCP Configuration
    • Introduction of Virtual Router
    • Virtual Router Scenario based configuration

    4.Security and NAT Policies

    • Security Policy Configuration
    • Policy Administration
    • Interazone, interzone rule and Cleanup Rule
    • NAT Configuration
    • PAT on Firewall interface
    • Dynamic NAT with pool IP
    • Proxy Arp concept and understanding
    • Static Bi-directional NAT Configuration
    • U-Turn NAT Configuration Same zone (double NAT configuration)
    • U-Turn NAT Configuration Different Zone (Inter zone)
    • Destination NAT configuration on Pool IP (load distribution)
    • PORT Forwarding / Static PAT configuration
    • External Pool NAT configuration and flow
    • Virtual wire Netting configuration


    • Application ID Signature based Inspection of Palo alto
    • Flow Logic of App ID
    • Application ID Terms Understanding (Incomplete, Insufficient Data, Unknown TCP/UDP)
    • Configuration of APP ID (Security Rule base)
    • Custom App-ID signature creation of (URLS for Particular Pattern)
    • App ID with Outbound SSL Inspection


    • Antivirus
    • Anti-spyware
    • Vulnerability
    • URL Filtering
    • File Blocking: Wildfire

    7.Encryption /Decryption

    • Certificate Management
    • Theory of SSL /TLS
    • Outbound SSL Decryption
    • Inbound SSL Decryption


    • Enumerating Users
    • Mapping Users to IP addresses
    • User-ID Agent and LDAP Configuration

    9.VPN Configuration

    • Theory of IPsec Protocol Suit
    • Details of Packets (PHASE-1, PHASE-2)
    • Difference between Main mode and aggressive mode
    • Difference between Policy based VPN and Tunnel based VPN
    • IPSec Tunnels between Palo alto firewall
    • IPSec Tunnel between Palo alto and Cisco Device/Checkpoint Gateway
    • Implementation of Dynamic routing protocol in Route based VPN (OSPF Configuration)
    • Scenario Based Troubleshooting in Palo alto (PCAP File Analysis)
    • Advance debug command in Palo Alto for VPN Troubleshooting
    • Introduction of remote access VPN
    • Global protect VPN configuration / SSL VPN for remote Users
    • Global Protect Portal
    • Global Protect Gateway

    10.Management & Reporting

    • Introduction of Dashboard
    • ACC (Application command center)
    • Basic Logging
    • Log Analysis and filtering
    • System Alters and log
    • Basic Reports

    11.Active/Passive High Availability

    • Understanding of High Availability
    • Palo alto active/passive HA configuration
    • Theory of HA Control Link DATA Link
    • Palo Alto active /active configuration with Floating ip
    • Palo Alto active/active configuration with arp load balancing
    • Active/Active NAT configuration

    12.Routing Configuration and PBR

    • Understanding of Palo Alto Routing table, Forwarding Table
    • Understanding of Path Monitoring in Palo Alto
    • ECMP (Equal cost Multiple Path) Configuration with Dual ISP
    • ECMP Load-Balancing Algorithms
    • Introduction of OSPF routing and configuration
    • Introduction of BGP routing and configuration
    • Policy based routing configuration and testing with dual ISP
    • Understanding of Metric and administrative distance (virtual Router)


    • Centralized Configuration and Deployment
    • Centralized Logging and Reporting
    • Role-Based Access Control
    • Difference Between pre rule, post rule and Default rule.

    14.Advance Trouble Shooting and packet capture

    • Packet dig command use in Palo alto
    • Graphic mode packet capture
    • Directory system of Pan OS and daemons
    • Log capture for live traffic and analysis
    • Test policy command for NAT and security Rules
    • Use of grep command to search pattern
    • Use of mp-log and dp-log in palo alto

    Write a Review

    Your email address will not be published. Required fields are marked *

    Course Reviews


    • 5 stars0
    • 4 stars0
    • 3 stars0
    • 2 stars0
    • 1 stars0

    No Reviews found for this course.

    • 3 weeks, 3 days
    Contact Us

    +1 475-212-0075

    Drop us a query

      Your Details

      * Required

      Job Support

        Your Details

        * Required

        Course Features

        Live Instructor-led Classes

        This isn't canned learning. Its dynamic, its interactive, its effective

        Expert Educators

        Only the best or they're out. We are constantly evaluating our trainers

        24&7 Support

        We never sleep. Need something answered at 3 am? No Problem

        Flexible Schedule

        You don't learn as per our calendar. We work according to yours.

        Customized Training's

        The most part self-managed and adaptable to suit a person's particular adapting technology needs

        Priority Based Training's

        Real-time Scenario based Assignments and Case Studies