Upload
feroz-ki
View
218
Download
0
Embed Size (px)
Citation preview
8/16/2019 palo alto 201 notes
1/1
paloalto
security policies based on a more accurate identification of each application seeking access to your network.
firewall uses packet inspection and a library of application signatures to disti
nguish between applications that have the same protocol and portand to identify potentially malicious applications that use nonstandard ports.
Single pass parallel processing -SP3 Engine
Control plane - configuraiton, logging, report(separate process), ram , harddrivedata plane - signature , ips, virus, spyware, ssn , security processing, network processing
-----------2ND PDF
inital connection via - mgmt and serial192.168.1.1
set deviceconfig system ip --- netmask... gateway ..dns-settingcomit
management can be use - for updates
Applicaiton command center - ACC
PAGER 7-In PAN-OS 7.0, you can configure DNS Proxy Objects to have the firewall act as a
DNS proxy. Configure a DNS Proxy Object if you want advanced DNS functions such as split DNS, DNS proxy overrides, DNS proxy rules, static entries, or DNS inheritance.
split DNS - http://www.isaserver.org/articles-tutorials/installation-planning/You_Need_to_Create_a_Split_DNS.html
active - running configuration (not like cisco)
when you change - current - candidate configuration -- click ok-updated but notapplied-- select commit to save -- than fw take effect