0.0 Palo Alto CBT Nuggets
0.1 Palo Alto Training Videos
1. How to Import and Export Address and Address Objects (CLI) (Creating objects from a file of IPs)
2. How to Create an IPSec Tunnel to AWS (Amazon Web Services) From a Palo Alto Firewall with Static Routing
3. Revert Firewall Configuration Changes (Revert to the current running configuration)
4. Best Practices for PAN-OS Upgrade (Palo Alto Upgrade)
4.1 Upgrade Palo Firewalls (CLI)
5. How to Unblock Addresses after Block-IP Action is Triggered by Threat Protection
6.0 What is IPSec?
6.1 Palo Alto (8.0) Site to Site VPNs
6.2 IPSec VPN Setup (Site to Site VPN Config)
6.3 IPSec Site to Site tunnel: Palo Alto to Cisco
7.0 Example NAT Rules (Important)
7.1 Tutorial: How to Configure Source NAT on the PAN-OS GUI
7.2 Tutorial: Network Address Translation
7.3 Tutorial: Understanding the NAT/Security Policy Configuration
7.4 How to Configure U-Turn NAT
7.5 Configure Destination NAT Using Dynamic IP Addresses
8.0 Palo Alto Commands (Important)
8.1 Useful Troubleshooting Commands
9.0 SSL Outbound Decryption
9.1 How to Implement and Test SSL Decryption (Inbound and Outbound)
9.2 HOW TO TEMPORARILY DISABLE SSL DECRYPTION
10.0 GlobalProtect Logs from the Client
10.1 How to Configure GlobalProtect Portal Page to be Accessed on any Port
10.2 GLOBALPROTECT CLIENT STUCK AT CONNECTING WHEN WORKSTATION IS ON THE LOCAL NETWORK
10.3 BASIC GLOBALPROTECT CONFIGURATION WITH USER-LOGON
11.0 Brute Force Related Signatures
11.1 Best Practice for FTP Brute Force
12.0 End-of-Life Summary
13.0 How to Generate a CSR (Certificate Signing Request) & Import the Signed Certificate
14.0 TSHOOT USER-ID: Useful CLI Commands to Troubleshoot LDAP Connection
14.1 USER-ID TSHOOT: Agentless User-ID Connection to Active Directory Servers Intermittently Connect and Disconnect
14.2 AGENTLESS USER-ID ‘ACCESS DENIED’ ERROR IN SERVER MONITOR
14.3 Palo Alto NTSTATUS: NT_STATUS_ACCESS_DENIED – Access denied
14.4 HOW TO CONFIGURE AGENTLESS USER-ID
15.0 Viewing the configuration in set and XML format
16.0 How to View and Install PAN-OS Software through the CLI
17.0 Configuring IKEv2 IPsec VPN for Microsoft Azure Environment
17.1 Configuring IKEv2 IPsec VPN for Microsoft Azure Environment
18.0 What Happens When Licenses Expire on the Palo Alto Networks Firewall?
19.0 Deploy Palo Alto in Azure
20.0 NOT-APPLICABLE, INCOMPLETE, INSUFFICIENT DATA IN THE APPLICATION FIELD
21.0 WHAT IS A PORT SCAN?
22.0 AFTER CONFIGURING SSL DECRYPTION, WEB BROWSING SESSIONS DO NOT MATCH THE CONFIGURED POLICY
23.0 Multiple ISPs (Load Balancing and Load Sharing)
23.1 HOW TO CONFIGURE ISP REDUNDANCY AND LOAD BALANCING
23.2 HOW TO IMPLEMENT ECMP (LOAD BALANCING) ON THE FIREWALL
23.3 ECMP Load-Balancing Algorithms
24.0 Palo Alto Networks-Add HA Firewall Pair to Panorama
24.1 HOW TO ADD A LOCALLY MANAGED FIREWALL TO PANORAMA MANAGEMENT
24.2 HOW TO PERFORM A DEVICE CONFIG IMPORT INTO PANORAMA
24.3 Steps: Adding HA devices to Panorama
25.0 Comparing Palo Alto Next Gen Firewalls with Web Application Firewalls (WAF)
26.0 Reset/Recover Password Palo Alto
26.1 How to perform a Factory Reset on a Palo Alto Networks Device?
27.0 Log Retention and Quotas
27.1 TIPS & TRICKS: LOG DELETION BASED ON TIME
28.0 HOW TO IMPORT AND EXPORT ADDRESS AND ADDRESS OBJECTS
29.0 Migrating Checkpoint to Palo using Migration Tool 3.x
29.1 Migration Tool 3 Info and Guide
29.2 Checkpoint to Palo Alto Migration (Video)
30.0 Useful Palo Alto CLI Commands
31.0 SNMP configuration examples
31.1 Configuring Syslog, SNMP and NetFlow on a Palo Alto Networks Firewall
32.0 DNS Sinkhole
33.0 CONTROLLING WEBMAIL
34.0 Estimate logging rate based on log receiver statistics
35.0 Export Palo Policies in excel/xls format for version 7.x.x
36.0 User-ID Redistribution (Using Main firewall as User ID agent for other firewalls)
37.0 DUAL ISP REDUNDANCY USING STATIC ROUTES PATH MONITORING FEATURE, FOR TRAFFIC FAILOVER
38.0 HOW TO CHECK USERS IN LDAP GROUPS
39.0 CONFIGURING WINDOWS 2008 R2 RADIUS AUTHENTICATION (NPS RADIUS SERVER)
40.0 Connecting PAN-OS to MineMeld using External Dynamic Lists
40.1 Enable Access to Office 365 with MineMeld
40.2 MineMeld Overview
40.3 Quick Tour of MineMeld Default Config
Best Practices:
SD-WAN:
How to Setup SDWAN in LAB using Palo Alto Network Virtual Firewalls (Video)
A Palo Alto Networks Case Study: Secure Branch Networking with SD-WAN (Video)
Secure SD-WAN by Palo Alto Networks (Video)
Palo SD-WAN Admin Guide (Document)
Network and CyberSecurity Professional 