![](https://datacipher.net/wp-content/uploads/2023/10/Firewall-Essentials_-Configuration-and-Management-1.png)
Firewall Essentials: Configuration and Management (EDU-210)
The Palo Alto Networks Firewall 10.2 Essentials: Configuration and Management (EDU-210) course is five days of instructor- led training that will help you to: 1. Configure and manage the essential features of Palo Alto Networks next-generation firewalls 2. Configure and manage Security and NAT policies to enable approved traffic to and from zones 3. Configure and manage Threat Prevention strategies to block traffic from known and unknown IP addresses, domains, and URLs 4. Monitor network traffic using the interactive web interface and firewall reports
Virtual Classroom Live
Prerequisites
Students must have a basic familiarity with networking concepts including routing, switching, and IP addressing. Students also should be familiar with basic security concepts. Experience with other security technologies (IPS, proxy, and content filtering) is a plus.
Target Audience
- Security Engineers, Security Administrators, Security Operations Specialists, Security Analysts, and Support Staff
Course Outline
Module 1 – Palo Alto Networks Portfolio and Architecture
• Securing the Transformed Enterprise
• Key Elements
• Securing the Cloud
• Securing the Future
• Palo Alto Networks Single-Pass Architecture
• Palo Alto Networks Firewall Architecture
• Zero Trust Architecture
• Flexible Architecture
• PA-Series Next-Generation Firewalls
• Virtual Systems
• VM-Series Models and Capacities
• CN-Series Firewall
• K2-Series Next-Generation Firewall: 5G Network
• Prisma Access: Secure Access Service Edge (SASE)
Module 2 – Configuring Initial Firewall Settings
• Initial Access to the Firewall
• Administrative Access Tools
• Initial Login to the Web Interface
• Reset to Factory Configuration
• Web Interface
• Web Interface Editing Guidance
• MGT Interface Configuration: Web Interface
• Other Initial Configuration Settings
• Configure Access to DNS and NTP Services
• Service Routes
• Configure Service Routes
• Activate a Firewall
• Manage Firewall Licenses
• PAN-OS Software Updates
• Dynamic Updates
Lab 2: Configuring Initial Firewall Settings
• Connect to Your Student Firewall
• Configure the DNS and NTP Servers
• Configure General Settings
• Modify Management Interface
• Check for New PAN-OS Software
Module 3 – Managing Firewall Configurations
• Firewall Configuration Types
• Firewall Configuration Actions
• Running and Candidate Configuration Interactions
• Configuration Operations
• Full Commit
• Per-Admin Commit
• Commit Status Window
• Per-Administrator Save and Revert
• Preview and Validate Configuration Changes
• Transaction Locks and Multiple Administrators
• Accessing Firewall Logs
• View and Filter a Log
• Filter a Log Using the Filter Builder
Lab 3: Managing Firewall Configurations
• Save a Named Configuration Snapshot
• Export a Named Configuration Snapshot
• Revert Ongoing Configuration Changes
• Preview Configuration Changes
• Modify System Log File Columns
• Create a System Log File Filter
• Use the Filter Builder
Module 4 – Managing Firewall Administrator Accounts
• Administrator Accounts and Roles
• PAN-OS Supported Authentication Services
• When Are Users Authenticated?
• Configure Authentication “to” the Firewall
• Configure Authentication “Through” the Firewall
• User Authorization “to” and “Through” the Firewall
• Dynamic Admin Roles
• Create Custom Role-Based Admin Roles
• Create a Local (Non-Database) Administrator Account
• Create a User in the User Database
• Create a Local Database Authentication Profile
• Authentication Profile: Advanced Tab
• Create an Administrator Account from a Local Database User
• Create a Non-Local Administrator Account
• Firewall Authentication of Non-Local Passwords
• Configure Server Profiles
• Configure Authentication Profiles
• Configure an Authentication Sequence
• Administrator Authentication Methods
• User Certificate
• Configure a Certificate Profile
• Configure Firewall Authentication Settings
• Create an Administrator Account for Non-Interactive Login
Lab 4: Managing Firewall Administrator Accounts
• Create a Local Database Authentication Profile
• Create a Local User Database Account
• Create an Administrator Account
• Log in With New Admin Account
• Configure LDAP Authentication
• Log in With New Admin Account
• Configure RADIUS Authentication
• Log in With New Admin Account
• Configure an Authentication Sequence
Module 5 – Connecting the Firewall to Production Networks with Security Zones
• Network Segmentation
• Network Segmentation and Security Zones
• Configure Security Policy to Support Segmentation
• Zero Trust Architecture
• Network Interfaces
• Interface Types and Zone Types
• Create a Security Zone
• Flexible Deployment Options for Ethernet Interfaces
• Tap Interfaces
• Configure a Tap Interface
• Virtual Wire Interfaces
• Configure a Virtual Wire Object
• Configure a Virtual Wire Interface
• Layer 3 Interfaces
• Enable IPv4 and IPv6 Support
• Configure a Layer 3 Interface: Config
• Configure a Layer 3 Interface: IPv4
• Configure a Layer 3 Interface: Advanced
• Interface Management Profile
• Layer 3 Subinterfaces
• Configure a Layer 3 Subinterface
• Virtual Routers
• Virtual Router General Settings
• Add a Static Default Route
• Multiple Static Default Routes
• Static Route Path Monitoring
• Troubleshoot Routing
Lab 5: Connecting the Firewall to Production Networks with Security Zones
• Create Layer 3 Network Interfaces
• Create a Layer 3 Interface on ethernet1/1
• Create a Layer 3 Interface on ethernet1/2
• Create a Layer 3 Interface on ethernet1/3
• Create a Virtual Router
• Segment Your Production Network Using Security Zones
• Test Connectivity to Each Zone
• Test Interface Access before Management Profiles
• Define Interface Management Profiles
• Apply Allow-ping to ethernet1/1
• Apply Allow-mgt to ethernet1/2
• Apply Allow-mgt to ethernet1/3
• Test Interface Access after Management Profiles
Module 6 – Creating and Managing Security Policies
• Flow Logic of the Next-Generation Firewall
• Inspect and Control Network Traffic
• Sessions and Flows
• Display Security Policy Rules
• Manage the Policy Ruleset
• Security Policy Rule Types
• Custom and Predefined Rules
• Security Policy Rule Match
• Policy Rule Hit Count
• Rule Shadowing
• Configure a Security Policy Rule: General Tab
• Rule Changes Archive
• Configure a Security Policy Rule: Source Tab
• Configure a Security Policy Rule: Destination Tab
• Configure a Security Policy Rule: Application Tab
• Unresolved Dependencies Reported During a Commit
• Configure a Security Policy Rule: Service/URL Category Tab
• Configure a New Service Definition
• Configure a Security Policy Rule: Actions Settings
• Schedule Security Policy Rules
• Configure a Security Policy Rule: Usage Settings
• Enable Intrazone and Interzone Logging
• Find Unused Security Policy Rules
• Rule Usage Filter
• Create an Address Object
• Create a Static Address Group
• Create a Dynamic Address Group
• Tags
• Tag-Based Rule Groups
• Test Policy Functionality
• Use Global Find
Lab 6: Creating and Managing Security Policy Rules
• Create Security Policy Rule
• Modify Security Policy Table Columns
• Test New Security Policy Rule
• Examine Rule Hit Count
• Reset the Rule Hit Counter
• Examine the Traffic Log
• Enable Logging for Default Interzone Rule
• Create Block Rules for Known-Bad IP Addresses
• Create Security Rules for Internet Access
• Create Users to Internet Security Policy Rule
• Create Extranet to Internet Security Policy Rule
Module 7 – Creating and Managing NAT Policy Rules Flow Logic of the Next-Generation Firewall
• NAT Types
• Source NAT
• Source NAT Types
• Source NAT and Security Policies
• Configure Source NAT
• Source NAT Examples
• Source NAT Examples (Cont.)
• DIPP NAT Oversubscription
• Destination NAT
• Destination NAT Attributes
• Dynamic IP Address Support for Destination NAT
• Destination NAT and Security Policies
• Example: Destination NAT and Security Policies
• Configure Destination NAT
• Destination NAT Port Translation Configuration
• Configure Bidirectional Source NAT
Lab 7: Creating and Managing NAT Policy Rules
• Create a Source NAT Policy Rule
• Verify Internet Connectivity
• Create a Destination NAT Policy
• Test the Destination NAT Rule
Module 8 – Controlling Application Usage with App-ID
• What Is an Application?
• What Is App-ID?
• App-ID Application Identification
• Port-Based Versus Next-Generation Firewalls
• Zero-Day Malware: IPS Versus App-ID
• App-ID and TCP
• Classifying (Labeling) TCP Traffic
• App-ID and UDP
• Classifying (Labeling) UDP Traffic
• Application Shifts
• Application Dependencies
• View Application Dependencies Before Modifying a Rule
• View Unresolved Dependencies Reported After a Commit
• Implicit Applications
• Determine Implicitly Used Applications
• Application Groups
• Application Filters
• Nested Application Groups and Filters
• Predefined and Custom Application Tags
• App-ID in Policy Rules Reduces the Attack Surface
• Application Block Page
• View Applications used in the Traffic Log
• Differentiating Between Known and Unknown Applications
• Control Unknown Applications
• Control Applications on SSL-Secure Ports
• Control Applications on Non-Standard Ports
• Identify Applications in Decrypted SSL Traffic
• Identify Applications in Encrypted SSL Traffic
• Policy Optimizer
• Moving to Application-Based Policies
• Phase 1: Migrate Port-Based Rules
• Phase 2: View Data of Port-Based Rules
• Phase 2: Discover Applications Matching a Port-Based Rule
• Phase 2: Clone a Port-Based Rule Using “Create Cloned Rule”
• Result of “Create Cloned Rule”
• Phase 2: Replace a Port-Based Rule Using “Add to This Rule”
• Result of “Add to This Rule”
• Phase 2: Replace a Port-Based Rule Using “Add to Existing
Rule”
• Result of “Add to Existing Rule”
• Phase 2: Replace a Port-Based Rule Using “Match Usage”
• Result of “Match Usage”
• Prioritize Port-Based Rules to Convert
• Phase 3: Review Port-Based Rules
• Phase 3: Disable Port-Based Rules
• Phase 3: Remove Port-Based Rules
• App-ID and Content-ID Depend on Content Updates
• Schedule Download and Install
• Review Content Update Release Notes
• Review New and Updated Application Details
• Review Policies
Lab 8: Controlling Application Usage with App-ID
• Configure an Application Group
• Configure a Security Policy Rule to Allow Update Traffic
• Test the Allow-PANW-Apps Security Policy Rule
• Examine the Tasks list to see Shadowed message
• Modify the Security Policy to Function Properly
• Test the Modified Security Policy Rule
• Generate Application Traffic
• Research Applications
• Update Security Policy Rules
• Test the Updated Security Policy Rules
• Enable the Application Block Page
• Test the Application Block Page
Module 9 – Blocking Known Threats Using Security Profiles
• Flow Logic of the Next-Generation Firewall
• Introducing Content-ID
• Security Policy with Security Profiles
• Security Profile Types
• Threat Log
• Default Vulnerability Protection Security Profiles
• Vulnerability Protection Profile Rules
• Vulnerability Exceptions
• Default Antivirus Security Profile
• Creating a New Antivirus Profile
• Antivirus Profile Signature Exceptions
• Antivirus Profile WildFire Inline Machine Learning
• Default Anti-Spyware Security Profiles
• Configuring Anti-Spyware Profile Rules
• Anti-Spyware Exceptions
• Configure DNS Signature Match Protection
• Sinkhole Operation
• View Malicious Domains in the Threat Log
• File Blocking Overview
• Creating a New File Blocking Profile
• Continue Response Page
• Blocking Multi-Level Encoded Files
• View Blocked Files in the Data Filtering Log
• Creating a Data Pattern
• Creating a Data Filtering Profile
• View the Data Filtering Log
• Assigning Security Profiles to Security Rules
• Security Profile Groups
• Security Policy Rules
• Denial-of-Service Attacks
• PAN-OS Denial-of-Service Protections
• Flood Protection Thresholds
• Zone Protection: Network Reconnaissance
• Enabling Reconnaissance Protection
• Packet-Based Attacks
• Zone Protection: IP Drop
• Zone Protection: TCP Drop
• Zone Protection: Non-SYN TCP
• Zone Protection: ICMP Drop
• Zone Protection: ICMPv6 Drop
• Zone Protection: Protocol Protection
• Zone Protection: Ethernet SGT Protection
• Enable Zone Protection
Lab 9: Blocking Known Threats Using Security Profiles
• Generate Traffic Without Security Profiles
• Create a Corporate Antivirus Profile
• Create A Corporate Vulnerability Security Profile
• Create a Corporate File Blocking Profile
• Create a Corporate Data Filtering Profile
• Create a Corporate Anti-Spyware Security Profile
• Create an External Dynamic List for Malicious Domains
• Update the Anti-Spyware Profile with EDL
• Create a Security Profile Group
• Apply the Corp-Profiles-Group to Security Policy Rules
• Generate Attack Traffic to Test Security Profiles
Module 10 – Blocking inappropriate web traffic with URL filtering
• Challenges with Preventing Web-Based Threats
• URL Filtering Features
• URL Filtering Profiles
• URL Category: Policy Versus Profile
• URL Filtering Log
• URL Filtering Security Profile
• URL Filtering Security Default Categories
• Multi-Category and Risk-Based URL Filtering
• Configure Per-URL Category Actions
• Configure a Custom URL Category
• URL Filtering Response Pages
• URL Admin Settings
• Configure Safe Search and Logging Options
• HTTP Header Insertion and Modification
• Real-Time Webpage Analysis
• Recommendations for Unknown URL Category
• Recommendations for Not-Resolved URL Category
• URL Filtering Action Precedence
• URL Filtering Precedence Example
• Recategorization Request: Via Log Entries
• Recategorization Requests: Via Webpage
• Use a URL Filtering Profile
• Assigning URL Profile to Security Rules
Lab 10: Blocking Inappropriate Web Traffic with URL Filtering
• Test Access to Inappropriate Web Content
• Create a Security Policy Rule to Block Categories
• Test Access to URLs Blocked by the Security Policy
• Block Access to Inappropriate Web Content Using Security Profile
• Add the URL Profile to the Corp-Profiles-Group
• Disable Block-Bad-URLs Rule
• Test Access to URLs Blocked by a URL Filtering Profile
• Create a Custom URL Category
• Use Custom Category to Block URL Access in Security Policy Rule
• Test Access to Custom URLs Blocked by the Security Policy
• Add Custom URL Category to URL Filtering Profile
• Test Access to Custom URLs Blocked by the URL Filtering Profile
• Create an EDL to Block Malicious URL Access
• Block Access to the URL List with a Security Policy Rule
• Test Access to URLs Blocked by the EDL in the Security Policy
Module 11 – Blocking Unknown Threats with WildFire
• WildFire Threat Intelligence Cloud
• WildFire Operation Overview
• WildFire Verdict Descriptions
• WildFire Protects Email
• Content Packages and WildFire Updates
• Standard and Licensed Functionality
• Hybrid Cloud Example
• Configure WildFire Settings
• Submission Settings
• WildFire Analysis
• WildFire Analysis Profile
• Creating a WildFire Analysis Profile
• Configure Real-Time WildFire Analysis
• Attach WildFire Analysis Profiles to Security Rules
• WildFire Update Schedule
• WildFire Reporting
• Verify Submissions and View Reports
• WildFire Analysis Verdict Example
• Report Incorrect Verdict: Web Interface
• WildFire Portal
• WildFire Dashboard Reports
• Report Incorrect Verdict: WildFire Portal
Lab 11: Blocking Unknown Threats with WildFire
• Create a WildFire Analysis Profile
• Apply WildFire Profile to Security Profile Group
• Update WildFire Settings
• Remove EXE File Type from File Blocking Profile
• Test the WildFire Analysis Profile
• Examine WildFire Analysis Details
• Add EXE File Type from File Blocking Profile
Module 12 – Controlling Access to Network Resources with User-ID
• User-ID Purposes
• User-ID Main Functions
• User-ID Components
• Integrated Agent Versus Windows-Based Agent
• User Mapping Methods
• User Mapping Using GlobalProtect
• User-ID Syslog Monitoring
• User-ID Operation Overview: Domain Controllers
• User-ID Domain Controller Monitoring
• User-ID Windows Session Monitoring
• User-ID Mapping Recommendations
• Configure User-ID
• Enable User-ID Per Zone
• Configure the PAN-OS Integrated User-ID Agent
• Define the Monitored Server(s)
• Define the User-ID Agent Account
• Optional Session Monitoring
• Optional WMI Client Probing
• Verify Connection Status
• LDAP Server Profile
• Create User-ID Group Mapping Filters
• Filter Groups Sent to the Firewall
• Custom Groups Based on LDAP Filters
• Select Users and Groups for a Security Policy
• Dynamic User Groups (DUGs)
• Two Example Use Cases
Lab 12: Controlling Access to Network Resources with User-ID
• Examine Firewall Configuration
• Generate Traffic from the Acquisition Zone
• Enable User-ID on the Acquisition Zone
• Modify the Acquisition-Allow-All Security Policy Rule
• Create Marketing Apps Rule
• Create Deny Rule
• Generate Traffic from the Acquisition Zone
• Examine User-ID Logs
• Examine Firewall Traffic Log
• Examine Firewall Traffic Log
Module 13 – Using Decryption to Block Threats in Encrypted Traffic• Importance of SSL/TLS
• Why Decrypt Network Traffic?
• SSL/TLS Operation Review
• Firewall Decryption Types
• Public Key Infrastructure (PKI)
• Certificate Chain of Trust
• Certificate Management in the Web Interface
• Certificate Hierarchy
• Certificate Creation Overview
• Generate a Self-Signed Certificate
• Import a CA Certificate
• Certificate Signing Request (CSR)
• Generate a CSR for the CA-Signed Certificate
• Certificate Checking and Revocation
• Configuring SSL Decryption Certificate Revocation Checking
• SSL Forward Proxy Review
• Forward Trust and Forward Untrust Certificates
• Configure a Forward Trust Certificate
• Configure a Forward Untrust Certificate
• Renew an SSL Forward Untrust Certificate
• Configure SSL Forward Proxy Decryption Policy
• Forward Proxy Decryption Profile
• Create the Corresponding Security Policy Rules
• SSL Inbound Inspection Review
• Import Server Certificate and Private Key
• Configure an SSL Inbound Inspection Policy
• Configure an Inbound Inspection Decryption Profile
• Decryption Exclusions
• No Decryption
• SSL Decryption Troubleshooting
• Troubleshoot SSL Session Terminations
• Decryption in the Traffic Log
• SSH Decryption
• SSH Traffic and the Security Policy
• Reasons to Not Configure SSL Decryption
• Decryption Port Mirroring
• Decryption Broker
• Hardware Security Modules (HSMs)
Lab 13: Using Decryption to Block Threats in Encrypted Traffic
• Test the Firewall Behavior Without Decryption
• Create A Self-Signed Certificate for Trusted Connections
• Create a Decryption Policy Rule for Outbound Traffic
• Test Outbound Decryption Policy
• Export the Firewall Certificate
• Import the Firewall Certificate to Firefox
• Test Outbound Decryption Policy Again
• Review Firewall Logs
• Exclude URL Categories from Decryption
• Test the No-Decryption Rule
Module 14 – Locating Valuable Information Using Logs and Reports
• View Threat and Traffic Information
• The Dashboard
• Widgets for Viewing Threat Information
• Widgets for Viewing Application Information
• Application Command Center (ACC)
• Widgets on the ACC Network Activity and Threat Activity Tabs
• Example: Threat Activity Widget
• Firewall Logging Overview
• Example: Traffic Log
• Example: Threat Log
• Example: URL Filtering Log
• Example: WildFire Submissions Log
• Example: Data Filtering Log
• Example: Unified Log
• Correlation Engine, Objects, and Events
• App Scope Reports
• App Scope Reports: What’s Available?
• App Scope Reports: What’s Available? (Cont.)
• Example: App Scope Report
• Firewall Logging and Reporting Overview
• Predefined Reports
• Example: Threats Report
• Custom Reports
• Custom Report Example
• Custom Report with a Query Builder Filter
• Query Builder Report Example
• Device Telemetry
• Configure Device Telemetry
• Monitor Device Telemetry
• Firewall Log Forwarding Review
• Configure a Server Profile: Syslog Example
• Configure Logs to Forward: Example
• Apply Log Forwarding
Lab 14: Locating Valuable Information Using Logs and Reports
• Generate Traffic
• Display Recent Threat Information in the Dashboard
• Display Recent Application Information in the Dashboard
• View Threat Information in the ACC
• View Application Information in the ACC
• View Threat Information in the Threat Log
• View Application Information in the Traffic Log
• View Threats Using App Scope Reports
• View Threat Information Using Predefined Reports
• View Application Information Using Predefined Reports
• View Threat and Application Information Using Custom Reports
Lab 15: Capstone
• Configure Networking
• Configure Security Zones
• Configure NAT Policy Rules
• Configure Security Policy Rules
• Create and Apply Security Profiles
Appendix A Securing Endpoints with GlobalProtect
• Modern Risks Presented by the Mobile Worker
• GlobalProtect
• Zero Trust Principles With GlobalProtect
• GlobalProtect Components
• GlobalProtect Connection Sequence
• GlobalProtect Simple Topology
• GlobalProtect Advanced Topology
• GlobalProtect for Internal User-Based Access
• Determining Internal or External Gateways
• GlobalProtect Certificates
• Authentication Server Profile Example
• Activate the Agent Software on the Portal
• GlobalProtect Portal
• Portal Configuration
• Portal Authentication
• Client Configuration: Agent Certificates
• Client Configuration: Authentication
• Client Configuration: Internal Gateways
• Client Configuration: External Gateways
• Client Configuration: App Connection Methods
• Portal Configuration: Clientless VPN
• Clientless VPN: Applications to User Mapping
• GlobalProtect Gateway
• Gateway: General Tab
• Gateway: Tunnel Settings Tab
• Gateway: Config Selection Criteria Tab
• Gateway: IP Pools Tab
• Gateway: Split Tunnel Tab
• Gateway: Enable Network Services
• GlobalProtect and User-ID
• GlobalProtect Agent
• Installing the Agent
• Client Configuration
• GlobalProtect Log
• GlobalProtect Log Forwarding
• GlobalProtect Activity in the ACC
Appendix B – Providing Firewall Redundancy with High Availability
• Firewall High Availability
• Active/Passive HA
• Active/Active HA
• HA Prerequisites
• Active/Passive HA Links
• Dedicated and Non-Dedicated HA Ports
• HA Backup Links
• Designating an Active Firewall
• Failure Detection
• HA Timer Profiles
• Heartbeat Backup on MGT Port
• Prepare In-Band Interfaces
• Configuring HA
• Enabling Active/Passive HA
• Configuring the Control Link
• Configuring the Backup Control Link
• Configuring the Data Link
• Configuring the Backup Data Link
• Configuring Election Settings
• Configuring Active/Passive Settings
• Link Group Monitoring
• Configuring Path Monitoring
• Active/Passive HA Pair Start-Up
• Active/Passive Firewall States
• Monitor Firewall States
• System Log
Appendix C – Connecting Remote Sites Using VPNs
• Site-to-Site VPN Overview
• IPSec Overview
• IKE Phase 1
• IKE Phase 2
• Route-Based Site-to-Site VPN
• VPN Tunnel Component Interaction
• Phase 1 Object: IKE Cryptographic Profiles
• Phase 1 Object: IKE Gateway – General Tab
• Phase 1 Object: IKE Gateway – Advanced Options
• Phase 2 Object: IPsec Cryptographic Profiles
• VPN Tunnel Interface
• Phase 2 Object: IPsec Tunnel
• Phase 2 Object: Proxy ID
• Static Route for VPN
• IPsec Tunnel Status: Check Connectivity
• IPSec Tunnel Status: Troubleshooting Connectivity
• VPN Error Messages
• Reading VPN Error Messages (System Log
Appendix D – Configuring User-ID Windows Agent
• Configure the Windows-Based User-ID Agent
• Select the Installation Location
• Download User-ID Agent Software
• Agent Setup Process
• Configure the User-ID Agent Account
• Configure Server Monitoring
• Configure Client Probing
• Configure the Monitored Servers
• Configure the Firewall to Connect to the Agent
• Confirm Connection to the User-ID Agent
• Display Mappings from the Windows Agent
• Display Mappings from the Firewall CLI
• Data Redistribution
• Configure the Firewall to Connect to the Redistribution Point
• Configure the Firewall to Connect to the Redistribution Point (Cont.)
• LDAP Server Profile
• Create User-ID Group Mapping Filters
• Filter Groups Sent to the Firewall
• Custom Groups Based on LDAP Filters
• Select Users and Groups for a Security Policy
Successful completion of this five-day, instructor-led course should enhance the student’s understanding of how to configure and manage Palo Alto Networks Next Generation Firewalls. The course includes hands-on experience configuring, managing, and monitoring a firewall in a lab environment.