Palo Alto Next Generation Firewall Administration

Palo Alto Next Generation Firewall Administration Certification Training Course Overview

After completing this course, students will be able to configure, install, and administer Palo Alto Networks firewall. Students will also learn about: the configuration steps for the networking, security, logging, and reporting features of the PAN-OS, and the configuration steps for VPN & High Availability.

This course is best suited for: security engineers, network engineers, and support staff.


Test your current knowledge on Qubits42

Palo Alto Next Generation Firewall Administration (40 Hours) Download Course Contents

Live Online Training
Group Training 1800
06 - 10 Dec 09:00 AM - 05:00 PM CST
(8 Hours/Day)
03 - 07 Jan 09:00 AM - 05:00 PM CST
(8 Hours/Day)
1-on-1 Training (GTR) 2050
4 Hours
8 Hours
Week Days

Start Time : At any time

12 AM
12 PM

GTR=Guaranteed to Run
Classroom Training (Available: London, Dubai, India, Sydney, Vancouver)
Duration : On Request
Fee : On Request
On Request
Buy Flexi For Only $99 (Online Training Re-imagined)

Course Modules

Module 2 – Administration & Management
  • Using GUI
  • Using CLI Password Management
  • Certificate Management
  • Log Forwarding
  • PAN-OS & Software Update
Module 3 – Interface Configuration
  • VLAN Objects
  • QoS
  • Virtual Wire
  • Tap
  • Sub interfaces
  • Security Zones
Module 4 – Layer 3 Configurations
  • Advance NAT Features
  • IPv6 Overview
  • Policy Based Forwarding
  • Routing Protocols (OSPF)
  • Interface Management
  • Service Routes
  • DHCP
  • Virtual Routers
Module 5- Security Policy
  • Policy Objects
  • Defining Security Policy
  • DMZ
Module 6- NAT
  • Source and Destination NAT
  • NAT Policy Configuration
Module 7 – App-ID™
  • App-ID Process
  • Security Policy Configuration
  • Policy Administration
  • Defining new Application Signatures
  • Application Override
Module 8 – Content-ID™
  • Antivirus
  • Anti-spyware
  • Vulnerability
  • URL Filtering
  • File Blocking: WildFire™
  • Zone Protection
  • Custom Threat Signatures
  • Data Filtering
  • DoS Protection
  • Botnet Report
Module 9 - Authentication Profiles
  • Setting Up Authentication Profiles
  • Creating a Local User Database
  • Configuring RADIUS Server Settings
  • Configuring LDAP Server Settings
  • Configuring Kerberos Settings
Module 10 – User-ID™
  • User-ID Agent
  • Enumerating Users
  • Mapping Users to IP
  • Captive Portal
  • LDAP Integration
  • Users in Security Policy
Module 11 – Decryption
  • SSL Inbound and Outbound
Module 12 – VPN
  • Virtual Private Networks - Intro
  • VPN Tunnels
  • IPSec and IKE
  • IPSec and IKE Crypto Profiles
  • Setting Up IPSec VPNs
  • Defining IKE Gateways
  • Setting Up IPSec Tunnels
  • Defining IKE Crypto Profiles
  • Defining IPSec Crypto Profiles
  • Viewing IPSec Tunnel Status on the Firewall .
Module 13 – Reports and Logs
  • Logging Configuration
  • Scheduling Log Exports
  • Defining Configuration Log Settings
  • Defining System Log Settings
  • Defining HIP Match Log Settings
  • Defining Alarm Log Settings
  • Managing Log Settings
  • Configuring Syslog Servers
  • Custom Syslog Field Descriptions.
Module 14 – High Availability
  • Configuring Active/Active HA
Module 15 – Panorama (Only Theory)
  • Device Groups & Templates
  • Shared Policy
  • Config Management
  • Reporting and Log Collection
Download Course Contents

Request More Information

Course Prerequisites
  • Basic familiarity with networking concepts including routing, switching, and IP addressing

Upon Completion of this Course, you will accomplish following:

  • Use GUI and use CLI. Set Up Authentication Profiles.
  • Create a Local User Database.
  • Configure RADIUS Server Settings.
  • Content-ID Agent.
  • Comprehend Antivirus and anti-spyware.
  • Define IKE Gateways.
  • Set Up IPSec Tunnels.
  • Set Up IPSec VPNs.
  • View IPSec Tunnel Status on the Firewall.
  • Define IPSec Crypto Profiles.
  • Define IKE Crypto Profiles.
  • Log Configuration.
  • Define Alarm Log Settings.
  • Schedule Log Exports.
  • Define Configuration Log Settings.
  • Configure Active/Active HA.
  • Comprehend about Panorama.

Give an edge to your career with Other Technologies certification training courses. Students can join the classes for Palo Alto Next Generation Firewall Administration Training Course at Koenig Campus located at New Delhi, Bengaluru, Shimla, Goa, Dehradun, Dubai & Instructor-Led Online.


Yes, fee excludes local taxes.

Palo Alto Networks produced the world's first Next Generation Firewall in 2007. These next generation firewalls secure businesses with a prevention-focused architecture and integrated innovations that can be easily deployed and used.

The Next Generation Firewall is a third generation firewall technology that is built by combining a traditional firewall with other network device filtering functionalities. These firewalls detect known and unknown threats, even those included in encrypted traffic, by leveraging intelligence generated across customer deployments.

The National Institute of Standards and Technology (NIST) 800-10 has divided firewalls into three basic types:

  • Packet Filters - check incoming and outgoing traffic by creating a checkpoint at a traffic router or switch.
  • Stateful Inspection - combines packet inspection technology and TCP handshake verification for enhanced protection.
  • Proxys (or Application Level Gateways or Firewalls) - operate at the application layer and works by establishing a connection to the traffic source and inspecting the incoming data packet.

There are two more types of firewalls that are currently available:

  • Circuit-Level Gateways - verify the Transmission Control Protocol (TCP) handshake which is designed to check that the packet session is legitimate.
  • Next-Gen Firewalls - include architectures such as deep-packet inspection, TCP handshake checks and surface level packet inspection.

Yes, Palo Alto Networks firewall is a Stateful firewall. Palo Alto Networks is the principal developer for the Stateful Inspection Firewall and the first Intrusion Prevention System. Stateful Firewall technology involves the inspection of traffic passing through the firewall by matching it against a session. Each session is later matched against a security policy.

Firewalls work like filters between computers and the Internet. They are designed to stop unauthorized access to or from a private network. All messages entering or leaving the intranet pass through a firewall to ensure that an unwanted message doesn’t get transferred.