PA-213: Palo Alto Networks Firewall Install, Configure, and Manage (EDU-201)

Course Overview: PA-213: Palo Alto Networks Firewall Install, Configure, and Manage (EDU-201) Training Class is a three-day course that teaches students to configure and manage the entire line of Palo Alto Networks next-generation firewalls. This course prepares the student for the Palo Alto Networks Accredited Configuration Engineer (ACE) and progress to the Palo Alto Networks Certified Network Security Engineer (PCNSE). Through hands-on training, students learn high end skills of how to integrate Palo Alto next-generation firewalls into their network infrastructure. This is not a virtualized theoretical course. This is hands-on, real world instruction, directly relevant to the DoD and Commercial implementations of Palo Alto Networks next-generation firewalls.

Each student is issued a physical Palo Alto firewall and a Cisco layer 3 switch at their desk. Real hardware per student for real experience and real skill development. TechNow provides a very comprehensive client infrastructure that includes Windows, Linux, and multiple packet sniffer agents.

This course sets up the foundation for the two day course PA-212: Palo Alto Networks Firewall Configure Extended Features. The instructor for this course has been a lead in Unix kernel development to implement firewall and intrusion detection technologies. Additionally, the instructor has taught several security appliance products and carries several SANS, ISC2, ISACA, Cisco, Unix, and Windows certifications.

Attendees to the PA-213: Palo Alto Networks Firewall Install, Configure, and Manage (EDU-201) Training Course will receive TechNow approved course materials and expert instruction.

TechNow PA-212: Palo Alto Networks Firewall Configure Extended Features (EDU-205) immediately follows this course in the schedule so that you can take both courses in the same week. We also offer a discount for attending both classes in the same week!!

Dates/Locations:

No Events

Duration: 3 days

Course Objectives: Students attending this foundational-level training course will gain an in-depth knowledge of how to configure and manage their Palo Alto Networks firewall, including hands-on experience in configuring the security, networking, threat prevention, logging, and reporting features of the Palo Alto Networks Operating System (PAN-OS).

Day 1

Module 0 – Introduction & Overview
Module 1 – Platforms and Architecture
- Single-Pass Architecture
- Flow Logic
Module 2 – Initial Configuration
- Initial Access to the System
- Configuration Management
- Licensing and Software Updates
- Account Administration
Mod 3: Basic Interface Configuration
- Security Zones
  Layer 2, Layer 3, Virtual Wire, and Tap
- Subinterfaces
- DHCP
- Virtual Routers
Mod 4: Security and NAT Policies
- Security Policy Configuration
- Policy Administration
- NAT (source and destination)

Day 2

Mod 5: Basic App-ID™
- App-ID Overview
- Application Groups and Filters
Mod 6: Basic Content-ID™
- Antivirus
- Anti-spyware
- Vulnerability
- URL Filtering
Mod 7: File Blocking and WildFire™
- File Blocking
- WildFire
Mod 8: Decryption
- Certificate Management
- Outbound SSL Decryption
- Inbound SSL Decryption

Day 3

Mod 9: Basic User-ID™
- Enumerating Users
- Mapping Users to IP Addresses
- User-ID Agent
Mod 10: Site-to-Site VPNs
- IPSec Tunnels
Mod 11: Management and Reporting
- Dashboard
- Basic Logging
- Basic Reports
- Panorama
Mod 12: Active/Passive High
- Availability
- Configuring Active/Passive HA

Prerequisites:

Security+, Network+, CCNA and networking experience is recommended.

This course is in no way associated with Palo Alto Networks, Inc.

Comments

Latest comments from students

Like the class? Then let everyone know!

N-415: Implementing and Operating Cisco Enterprise Network Core Technologies (ENCOR)

Course Overview:

The Implementing and Operating Cisco Enterprise Network Core Technologies (ENCOR) course gives you the knowledge and skills needed to configure, troubleshoot, and manage enterprise wired and wireless networks. You’ll also learn to implement security principles, implement automation and programmability within an enterprise network, and how to overlay network design by using SD-Access and SD-WAN solutions.

Attendees to N-415: Implementing and Operating Cisco Enterprise Network Core Technologies (ENCOR) will receive TechNow approved course materials, expert instruction, and prepare you to take the 350-401 Implementing Cisco® Enterprise Network Core Technologies (ENCOR) exam.

Dates/Locations:

No Events

Duration: 5 Days

Course Objectives:

Illustrate the hierarchical network design model and architecture using the access, distribution, and core layers
Compare and contrast the various hardware and software switching mechanisms and operation, while defining the Ternary Content Addressable Memory (TCAM) and Content Addressable Memory (CAM), along with process switching, fast switching, and Cisco Express Forwarding concepts
Troubleshoot Layer 2 connectivity using VLANs and trunking
Implementation of redundant switched networks using Spanning Tree Protocol
Troubleshooting link aggregation using Etherchannel
Describe the features, metrics, and path selection concepts of Enhanced Interior Gateway Routing Protocol (EIGRP)
Implementation and optimization of Open Shortest Path First (OSPF)v2 and OSPFv3, including adjacencies, packet types, and areas, summarization, and route filtering for IPv4 and IPv6
Implementing External Border Gateway Protocol (EBGP) interdomain routing, path selection, and single and dual-homed networking
Implementing network redundancy using protocols including Hot Standby Routing Protocol (HSRP) and Virtual Router Redundancy Protocol (VRRP)
Implementing internet connectivity within Enterprise using static and dynamic Network Address Translation (NAT)
Describe the virtualization technology of servers, switches, and the various network devices and components
Implementing overlay technologies such as Virtual Routing and Forwarding (VRF), Generic Routing Encapsulation (GRE), VPN, and Location Identifier Separation Protocol (LISP)
Describe the components and concepts of wireless networking including Radio Frequency (RF) and antenna characteristics, and define the specific wireless standards
Describe the various wireless deployment models available, include autonomous Access Point (AP) deployments and cloud-based designs within the centralized Cisco Wireless LAN Controller (WLC) architecture
Describe wireless roaming and location services
Describe how APs communicate with WLCs to obtain software, configurations, and centralized management
Configure and verify Extensible Authentication Protocol (EAP), WebAuth, and Pre-Shared Key (PSK) wireless client authentication on a WLC
Troubleshoot wireless client connectivity issues using various available tools
Troubleshooting Enterprise networks using services such as Network Time Protocol (NTP), Simple Network Management Protocol (SNMP), Cisco Internetwork Operating System (Cisco IOS®) IP Service Level Agreements (SLAs), NetFlow, and Cisco IOS Embedded Event Manager
Explain the use of available network analysis and troubleshooting tools, which include show and debug commands, as well as best practices in troubleshooting
Configure secure administrative access for Cisco IOS devices using the Command-Line Interface (CLI) access, Role-Based Access Control (RBAC), Access Control List (ACL), and Secure Shell (SSH), and explore device hardening concepts to secure devices from less secure applications, such as Telnet and HTTP
Implement scalable administration using Authentication, Authorization, and Accounting (AAA) and the local database, while exploring the features and benefits
Describe the enterprise network security architecture, including the purpose and function of VPNs, content security, logging, endpoint security, personal firewalls, and other security features
Explain the purpose, function, features, and workflow of Cisco DNA Center™ Assurance for Intent-Based Networking, for network visibility, proactive monitoring, and application experience
Describe the components and features of the Cisco SD-Access solution, including the nodes, fabric control plane, and data plane, while illustrating the purpose and function of the Virtual Extensible LAN (VXLAN) gateways
Define the components and features of Cisco SD-WAN solutions, including the orchestration plane, management plane, control plane, and data plane
Describe the concepts, purpose, and features of multicast protocols, including Internet Group Management Protocol (IGMP) v2/v3, Protocol-Independent Multicast (PIM) dense mode/sparse mode, and rendezvous points
Describe the concepts and features of Quality of Service (QoS), and describe the need within the enterprise network
Explain basic Python components and conditionals with script writing and analysis
Describe network programmability protocols such as Network Configuration Protocol (NETCONF) and RESTCONF
Describe APIs in Cisco DNA Center and vManage

Prerequisites:

CCNA certification
Implementation of Enterprise LAN networks
Basic understanding of Enterprise routing and wireless connectivity
Basic understanding of Python scripting

Comments

Latest comments from students

User: don.seguin

Instructor comments: Tim was a great.

Facilities comments: The classroom was great.

User: jrtrussell

Instructor comments: Awesome

Facilities comments: Great

Liked the class? Then let everyone know!

TN-949: Certified Firewall Analyst Course

Course Overview:

This is a hands-on course that covers many of the concepts of securing the perimeter of an organization. This includes concepts such as intrusion detection, packet filtering, and central logging.

A skills focus enables the student to better absorb the subject matter and perform better on the job. This is not death by power point. The course is aligned with information assurance operators and executing hands-on labs. Lecture and labs walk the student through the knowledge required to truly understand the mechanics of Firewalls.

This course is an excellent precursor to PA-215 Palo Alto Firewall Essentials FastTrack.

Attendees to TN-949: Certified Firewall Analyst Prep will receive TechNow approved course materials and expert instruction.

Date/Locations:

No Events

Duration: 5 days

Course Objectives:

Analyzing Network and Wireless Design
Creating and Auditing a Rulebase
Firewall Assessment and Penetration Testing
Host-Based Detection and DLP
Incident Detection and Analysis
IOS and Router Security
IPv6 and ICMPv6
Log Collection and Analysis
NAT and Proxies
Netfilter IPtables
Network Access Control
Network-Based Intrusion Detection
Packet Filters and Inspection
Packet Fragmentation
Perimeter Concepts and IP Fundamentals
Securing Hosts and Services
TCP/IP Protocols
VPN Design and Auditing
VPN Implementation

Course Prerequisites:

GSEC or equivalent experience
UNIX, Windows, networking and security experience
This is a hands-on skill course requiring comfort with command line interaction and network communications

Comments

Latest comments from students

Liked the class? Then let everyone know!

P-415: Advanced PERL Programming

Course Overview:

Every programmer must keep up with the latest tools and techniques. This course will help you push your skills to the next level and become a more accomplished programmer. Advanced PERL Programming teaches you all the complex techniques for production-ready PERL programs and explains concepts such as introspection, overriding built-ins, extending PERL's OO model, and testing your code for greater stability.

Attendees to P-415: Advanced PERL Programming will receive TechNow approved course materials and expert instruction.

Dates/Locations:

No Events

Duration: 5 Days

Course Objectives: