Lab Guide
General Information
Knowledge Base
https://knowledgebase.paloaltonetworks.com
Comprehensive Documentation
https://docs.paloaltonetworks.com
Live Community
https://live.paloaltonetworks.com/
Palo Alto Best Practices
https://docs.paloaltonetworks.com/best-practices
Beacon Platform
https://beacon.paloaltonetworks.com
Security Information (CVE)
https://security.paloaltonetworks.com/
Palo Alto Cloud Status
https://status.paloaltonetworks.com/
Best Practice Assessment Tool Video
https://www.paloaltonetworks.com/resources/videos/bpa-demo
https://www.youtube.com/watch?v=GNHCq3NvkVk
Unit 42 – Threat Research Team of Palo Alto
https://unit42.paloaltonetworks.com
Subscriptions Overview
https://docs.paloaltonetworks.com/pan-os/10-2/pan-os-admin/subscriptions
BOLL Cheat Sheet
https://blog.boll.ch/cheatsheet-panos-10-1/
Module 1 – Palo Alto Networks Portfolio and Architecture
Product Information
Strata: https://www.paloaltonetworks.com/network-security
Prisma: https://www.paloaltonetworks.com/prisma
Cortex: https://www.paloaltonetworks.com/cortex
Hardware Architecture
https://www.paloaltonetworks.com/resources/pa-series-next-generation-firewalls-hardware-architectures
Compare Next Generation Firewalls
https://www.paloaltonetworks.com/products/product-selection.html
Packet Flow Sequence in PAN-OS
https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClVHCA0
Best Practices Implementing Zero Trust with Palo Alto Networks
https://docs.paloaltonetworks.com/best-practices/zero-trust-best-practices/zero-trust-best-practices
Module 2 – Configuring Initial Firewall Settings
Palo Alto Release Guidance
https://live.paloaltonetworks.com/t5/customer-resources/support-pan-os-software-release-guidance/ta-p/258304
Zero Touch Provisioning ZTP
https://docs.paloaltonetworks.com/panorama/10-2/panorama-admin/manage-firewalls/set-up-zero-touch-provisioning/ztp-overview/about-ztp
Configuration (API)
https://docs.paloaltonetworks.com/pan-os/10-2/pan-os-panorama-api/pan-os-xml-api-request-types/configuration-api
Module 3 – Managing Firewall Configurations
GitHub Templates (Iron Skillet)
https://github.com/PaloAltoNetworks/iron-skillet
Day 1 Configuration
Support Portal > Tools > Run Day 1 Configuration
https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000PM2lCAG
Expedition Migration Tool (LiveCommunity)
https://live.paloaltonetworks.com/t5/expedition/ct-p/migration_tool
Log Types and Severity Levels
https://docs.paloaltonetworks.com/pan-os/10-2/pan-os-admin/monitoring/view-and-manage-logs/log-types-and-severity-levels
PAN-OS and Panorama API Usage Guide
https://docs.paloaltonetworks.com/pan-os/11-0/pan-os-panorama-api/about-the-pan-os-xml-api
Module 4 – Managing Firewall Administrator Accounts
Test Authentication Server Connectivity
https://docs.paloaltonetworks.com/pan-os/10-2/pan-os-admin/authentication/test-authentication-server-connectivity
Module 5 – Connecting the firewall to production networks with security zones
More Runtime Stats for a Virtual Router
https://docs.paloaltonetworks.com/pan-os/10-2/pan-os-web-interface-help/network/network-virtual-routers/more-runtime-stats-for-a-virtual-router
CLI: How to Check Throughput of Interfaces
https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000Clj0CAC
SNMP: How to Check Throughput of Interfaces
https://docs.paloaltonetworks.com/pan-os/11-0/pan-os-admin/getting-started
Module 6 – Creating and managing Security Policy rules
Palo Alto Networks Firewall Session Overview
https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClVECA0
Device > Troubleshooting
https://docs.paloaltonetworks.com/pan-os/10-2/pan-os-web-interface-help/device/device-troubleshooting
EDL Hosting Service by Palo Alto
https://docs.paloaltonetworks.com/resources/edl-hosting-service
Module 7 – Creating and managing NAT policy rules
How to Monitor Live Sessions in the CLI
https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000CluBCAS
How to Check the NAT Buffer Pool
> show running ippool
https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000CliQCAS
U-Turn or Hairpin NAT
https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClEiCAK&lang=de
DNS rewrite on a Palo Alto Networks firewall
https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClfjCAC
Module 8 – Controlling application usage with App-ID
Application Research Center (Applipedia)
https://applipedia.paloaltonetworks.com/
Block Page Variables / Images
https://docs.paloaltonetworks.com/pan-os/10-1/pan-os-admin/url-filtering/url-filtering-response-pages.html
EDL Hosting Service (IP Lists for Microsoft365, AWS, Azure, GCP)
https://docs.paloaltonetworks.com/resources/edl-hosting-service
Pro-Tips – Unknown Applications
https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000Clc6CAC
How to Request a New App-ID
https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000Clu2CAC
Best Practices for Applications and Threat Content Updates
https://docs.paloaltonetworks.com/pan-os/10-0/pan-os-admin/software-and-content-updates/best-practices-for-app-and-threat-content-updates
Module 9 – Blocking known Threats Using Security Profiles
Threat Vault for looking up threat information
https://threatvault.paloaltonetworks.com/
Test site for regular expressions
https://regex101.com/
Configure Ethernet SGT Protection
https://docs.paloaltonetworks.com/pan-os/10-2/pan-os-admin/zone-protection-and-dos-protection/zone-defense/zone-protection-profiles/ethernet-sgt-protection
Module 10 – Blocking inappropriate web traffic with Advanced URL filtering
URL Filtering website for looking up URL categories
https://urlfiltering.paloaltonetworks.com/
URL Filtering Best Practices
https://docs.paloaltonetworks.com/pan-os/10-2/pan-os-admin/url-filtering/url-filtering-best-practices
URL Categories
https://docs.paloaltonetworks.com/pan-os/10-2/pan-os-admin/url-filtering/url-categories
Create Best Practice Security Profiles
https://docs.paloaltonetworks.com/best-practices/10-2/internet-gateway-best-practices/best-practice-internet-gateway-security-policy/create-best-practice-security-profiles
Module 11 – Blocking unknown threats with Wildfire
Wildfire Portals
https://eu.wildfire.paloaltonetworks.com
https://de.wildfire.paloaltonetworks.com
https://ch.wildfire.paloaltonetworks.com
PE Testfile
http://wildfire.paloaltonetworks.com/publicapi/test/pe
Wildfire: Set Up Alerts for Malware
https://docs.paloaltonetworks.com/wildfire/10-1/wildfire-admin/monitor-wildfire-activity/use-the-firewall-to-monitor-malware/set-up-alerts-for-malware.html
WildFire Best Practices
https://docs.paloaltonetworks.com/wildfire/10-2/wildfire-admin/wildfire-deployment-best-practices/wildfire-best-practices
Module 12 – Controlling access to network resources with User-ID
XML API for setting user tags
http://api-lab.paloaltonetworks.com/registered-user.html
Cloud Identity Engine
https://docs.paloaltonetworks.com/pan-os/10-1/pan-os-new-features/app-id-features/cloud-based-app-id.html
Create a Dedicated Service Account for the User-ID Agent
https://docs.paloaltonetworks.com/pan-os/10-2/pan-os-admin/user-id/map-ip-addresses-to-users/create-a-dedicated-service-account-for-the-user-id-agent
Dynamic User Group
Video: https://www.paloaltonetworks.com/resources/videos/dynamic-user-group
https://docs.paloaltonetworks.com/pan-os/10-2/pan-os-admin/policy/use-dynamic-user-groups-in-policy
Module 13 – Using decryption to block threats in encrypted traffic
Recommendation: XCA certificate management tool
https://hohnstaedt.de/xca/
How to Create Subordinate CA Certificates with Microsoft Certificate Server
https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClWOCA0
Bypassing Google Chrome certificate errors: type thisisunsafe
Module 14 – Locating valuable information using logs and reports
Log Retention
https://live.paloaltonetworks.com/t5/blogs/log-retention/ba-p/306150
> show system logdb-quota
SNMP MIB Files
https://docs.paloaltonetworks.com/resources/snmp-mib-files
Generate and Send Botnet Reports to Emails
https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000CldbCAC
Add a logging profile to all policies
https://live.paloaltonetworks.com/t5/general-topics/log-forwarding-profile-in-all-security-policies/td-p/205426
Module Site-to-Site VPN
How to Troubleshoot IPSec VPN connectivity issues
https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClivCAC
Support for Elliptic Curves (DH Groups)
https://docs.paloaltonetworks.com/compatibility-matrix/supported-cipher-suites/cipher-suites-supported-in-pan-os-10-2/cipher-suites-supported-in-pan-os-10-2-ipsec