• Describe information security concepts and strategies within the network
• Describe common TCP/IP, network application, and endpoint attacks
• Describe how various network security technologies work together to guard against attacks
• Implement access control on Palo Alto Firewall Next-Generation Firewall
• Describe and implement basic email content security features and functions provided by Palo Alto Firewall
• Describe and implement web content security features and functions provided by PAN OS Database
• Describe Panorama and how use it to manage multiple firewalls using a centralized management console
• Introduce VPNs and describe cryptography solutions and algorithms
• Describe Palo Alto Firewall site-to-site and client less connectivity solutions
• Describe Palo Alto client based secure remote access connectivity solutions and describe how to configure 802.1X and Extensible Authentication Protocol (EAP) authentication
• Provide basic understanding of endpoint security and describe Auto Focus and Cortex XDR for Endpoints architecture and basic features
• Describe Strata for Enterprise and Prisma Cloud solutions
• Describe basics of cloud computing and common cloud attacks and how to secure cloud environment

This course is created to impart knowledge and skills related to security fundamentals, network access, information security, web application security and malware. This course will help candidates prepare to tackle real world cyber security incidents. The following topics are general guidelines to better reflect the contents of the course and for clarity purposes, the guidelines below may change at any time without notice.

• Introduction to Palo Alto Security Core Components

1. Components of the Palo Alto Networks Strata Portfolio
2. Components and operation of Single-Pass Parallel Processing architecture

• Device Management and Services

1. Firewall Management Interfaces
2. Provision local administrators and assigning role-based authentication
3. Define Firewall configurations
4. How to push policy updates to Panorama-managed firewalls
5. Identify the types of dynamic updates and their purpose
6. Identify what a security zone is and how to use it
7. Identify and configure firewall interfaces
8. Configure a virtual router

• Managing Objects

1. Identify how to create address objects
2. Identify how to create services
3. Identify how to use predefined Palo Alto Networks external dynamic lists
4. Configure application filters and application groups

• Policy Evaluation and Management

1. Identify the appropriate application-based security policy
2. Identify the purpose of specific security rule types
3. Identify and configure Security policy match conditions, actions, and logging options
4. Identify and implement the proper NAT policy
5. Identify the tools available to optimize Security policies

• Securing Traffic

1. Identify and apply the appropriate Security Profile
2. Identify the difference between Security policy actions and Security Profile actions
3. Use the cloud DNS Security to control traffic based on domains
4. Use the PAN-DB database to control traffic based on websites
5. Identify how to control access to specific URLs using custom URL filtering categories
6. Differentiate between group mapping and IP to user mapping within policies and logs

• Configure Palo Alto Firewall Management Interfaces
• Configure Palo Alto Interface Profile
• Configure service routes
• Assign role-based access control to administrators.
• Assign authentication for administrators.
• Assign the authentication sequence for administrators.
• Manage running configuration.
• Manage candidate configuration.
• Understand when to use load, save, import and export.
• Understand device groups and hierarchy.
• Understand where to place policies.
• Understand implications of Panorama management.
• Understand how to backup Panorama configurations and NGFW from Panorama.
• Understand the impact of dynamic updates to existing security
• policies.
• Identify zone types.
• Identify which zones to apply for security policies.
• Identify and understand the different types of interfaces.
• Identify how interface types affect security policies.
• Identify how interface types affect security policies.
• Identify steps to create a static route.
• Understand how to use the routing table.
• Identify steps to configure a virtual router.
• Identify what interface types can be added to a virtual router.
• Understand how to configure route monitoring.
• Apply address objects to policy.
• Create address groups.
• Identify how to tag objects.
• Differentiate between the address objects.
• Apply services to policy.
• Create service groups.
• Identify how to implement an exception to a predefined EDL.
• Identify how to apply in security policy
• Differentiate between application filters and groups and when to
• use them.
• Include an application filter in policy.
• Include an application group in policy.
• Identify the purpose of application characteristics as defined in the
• App-ID database
• Identify an appropriate APP-ID rule.
• Understand rule shadowing.
• Group rules by tag.
• Identify the potential impact of App-ID updates to existing security policy rules.
• Identify and configure Security policy match conditions, and actions.
• Understand how to use Application Filters and Groups.
• Understand how to use logging options
• Implement a destination NAT.
• Implement a source NAT.
• Differentiate various NAT options.
• Create a NAT in the proper order based on pre-existing NATs
• Identify the policy test match tool.
• Identify the policy optimizer.
• Identify Expedition
• Differentiate between different types of security profiles.
• Identify how to create and modify a Security Profile.
• Identify how to add a Security Profile to policy.
• Identify how to create a profile group.
• Identify how to add a security profile group to policy.
• Differentiate between traffic logs, threat logs and data logs.
• Differentiate between security profile actions
• Identify where to configure DNS security.
• Identify how to apply DNS security in policy.
• Identify how to apply a URL profile in a security policy.
• Identify how to create a URL filtering profile
• Identify why a URL was blocked.
• Identify how to allow a blocked URL.
• Identify how to request a URL recategorization.
• Identify how to control access to specific locations.
• Identify how to apply to specific policies.
• Identify users within the ACC and the monitor tab.

• Minimum batch size required for batch is 10 participants in the this course.
• The RST Forum reserves the right to cancel/postpone the class.
• Course schedule will be provided before commencement of the course.
• Certificate of participation will be awarded to participants with a minimum 90% attendance.
• All attendees are to observe the Copyright Law on intellectual properties such as software and courseware from respective vendors.
• The RST Forum reserves the right to include external participants in the program either for the entire course or individual courses.
• The RST Forum reserves the right to change/alter the sequence of courses. RST FORUM published Book would be given at 50% discounted rate to the forum students.