Palo Alto Next Generation Firewall Administration Course Overview

After completing this course, students will be able to configure, install, and administer Palo Alto Networks firewall. Students will also learn about: the configuration steps for the networking, security, logging, and reporting features of the PAN-OS, and the configuration steps for VPN & High Availability.

This course is best suited for: security engineers, network engineers, and support staff.


  • 1. Do you have limited Window for training?
  • 2. Can you only spend 4-hours per day?
  • 3. Do you want to start training immediately?
  • If your answer is yes to any one of the above, you need 1-on-1- Training
The 1-on-1 Advantage
Flexible Dates
4-Hour Sessions
  • View video
  • The course will be free if we are not able to start within 7 days of booking.
  • Only applicable for courses on which this logo appears.

Your will learn:

  • Using GUI
  • Using CLI Password Management
  • Certificate Management
  • Log Forwarding
  • PAN-OS & Software Update
  • VLAN Objects
  • QoS
  • Virtual Wire
  • Tap
  • Sub interfaces
  • Security Zones
  • Advance NAT Features
  • IPv6 Overview
  • Policy Based Forwarding
  • Routing Protocols (OSPF)
  • Interface Management
  • Service Routes
  • DHCP
  • Virtual Routers
  • Policy Objects
  • Defining Security Policy
  • DMZ
  • Source and Destination NAT
  • NAT Policy Configuration
  • App-ID Process
  • Security Policy Configuration
  • Policy Administration
  • Defining new Application Signatures
  • Application Override
  • Antivirus
  • Anti-spyware
  • Vulnerability
  • URL Filtering
  • File Blocking: WildFire™
  • Zone Protection
  • Custom Threat Signatures
  • Data Filtering
  • DoS Protection
  • Botnet Report
  • Setting Up Authentication Profiles
  • Creating a Local User Database
  • Configuring RADIUS Server Settings
  • Configuring LDAP Server Settings
  • Configuring Kerberos Settings
  • User-ID Agent
  • Enumerating Users
  • Mapping Users to IP
  • Captive Portal
  • LDAP Integration
  • Users in Security Policy
  • SSL Inbound and Outbound
  • Virtual Private Networks - Intro
  • VPN Tunnels
  • IPSec and IKE
  • IPSec and IKE Crypto Profiles
  • Setting Up IPSec VPNs
  • Defining IKE Gateways
  • Setting Up IPSec Tunnels
  • Defining IKE Crypto Profiles
  • Defining IPSec Crypto Profiles
  • Viewing IPSec Tunnel Status on the Firewall .
  • Logging Configuration
  • Scheduling Log Exports
  • Defining Configuration Log Settings
  • Defining System Log Settings
  • Defining HIP Match Log Settings
  • Defining Alarm Log Settings
  • Managing Log Settings
  • Configuring Syslog Servers
  • Custom Syslog Field Descriptions.
  • Configuring Active/Active HA
  • Device Groups & Templates
  • Shared Policy
  • Config Management
  • Reporting and Log Collection
Live Online Training (Duration : 40 Hours)
Group Training 1800 Per Participant
06 - 10 Jun 09:00 AM - 05:00 PM CST
(8 Hours/Day)
04 - 08 Jul 09:00 AM - 05:00 PM CST
(8 Hours/Day)
1-on-1 Training 3600 2050 + If you accept merging of other students.
4 Hours
8 Hours
Week Days

Start Time : At any time

12 AM
12 PM

1-On-1 Training is Guaranteed to Run (GTR)
Classroom Training (Available: London, Dubai, India, Sydney, Vancouver)
Duration : On Request
Fee : On Request
On Request
Classroom Training is available. Enquire for the fee Click
Ultra-Fast Track

If you can't spare 40 hours. We can offer you an Ultra-Fast Track for 20 hours for only USD 1,640

Course Prerequisites
  • Basic familiarity with networking concepts including routing, switching, and IP addressing

Upon Completion of this Course, you will accomplish following:

  • Use GUI and use CLI. Set Up Authentication Profiles.
  • Create a Local User Database.
  • Configure RADIUS Server Settings.
  • Content-ID Agent.
  • Comprehend Antivirus and anti-spyware.
  • Define IKE Gateways.
  • Set Up IPSec Tunnels.
  • Set Up IPSec VPNs.
  • View IPSec Tunnel Status on the Firewall.
  • Define IPSec Crypto Profiles.
  • Define IKE Crypto Profiles.
  • Log Configuration.
  • Define Alarm Log Settings.
  • Schedule Log Exports.
  • Define Configuration Log Settings.
  • Configure Active/Active HA.
  • Comprehend about Panorama.

Give an edge to your career with Other Technologies certification training courses. Students can join the classes for Palo Alto Next Generation Firewall Administration Training Course at Koenig Campus located at New Delhi, Bengaluru, Shimla, Goa, Dehradun, Dubai & Instructor-Led Online.

Request More Information

Add Name and Email Address of participant (If different from you)


Yes, fee excludes local taxes.
The Fee includes:
  • Courseware
  • Testing Via Qubits
Yes, Koenig Solutions is a Palo Alto Learning Partner

Palo Alto Networks produced the world's first Next Generation Firewall in 2007. These next generation firewalls secure businesses with a prevention-focused architecture and integrated innovations that can be easily deployed and used.

The Next Generation Firewall is a third generation firewall technology that is built by combining a traditional firewall with other network device filtering functionalities. These firewalls detect known and unknown threats, even those included in encrypted traffic, by leveraging intelligence generated across customer deployments.

The National Institute of Standards and Technology (NIST) 800-10 has divided firewalls into three basic types:

  • Packet Filters - check incoming and outgoing traffic by creating a checkpoint at a traffic router or switch.
  • Stateful Inspection - combines packet inspection technology and TCP handshake verification for enhanced protection.
  • Proxys (or Application Level Gateways or Firewalls) - operate at the application layer and works by establishing a connection to the traffic source and inspecting the incoming data packet.

There are two more types of firewalls that are currently available:

  • Circuit-Level Gateways - verify the Transmission Control Protocol (TCP) handshake which is designed to check that the packet session is legitimate.
  • Next-Gen Firewalls - include architectures such as deep-packet inspection, TCP handshake checks and surface level packet inspection.

Yes, Palo Alto Networks firewall is a Stateful firewall. Palo Alto Networks is the principal developer for the Stateful Inspection Firewall and the first Intrusion Prevention System. Stateful Firewall technology involves the inspection of traffic passing through the firewall by matching it against a session. Each session is later matched against a security policy.

Firewalls work like filters between computers and the Internet. They are designed to stop unauthorized access to or from a private network. All messages entering or leaving the intranet pass through a firewall to ensure that an unwanted message doesn’t get transferred.