Description of the book Mastering Palo Alto Networks: Build, configure, and deploy network solutions for your infrastructure using features of PAN-OS, 2nd Edition
Book title: Mastering Palo Alto Networks: Build, configure, and deploy network solutions for your infrastructure using features of PAN-OS, 2nd Edition
Edition: 2
Series:
Authors: Tom Piens aka 'reaper'
Publisher: Packt Publishing
Year of publication: 2022
Number of pages: 637
ISBN: 1803241411, 9781803241418
Book language: English
Book format: pdf
File size: 27 MB
Table of contents:
Cover
Copyright
Foreword
Contributors
Table of Contents
Preface
Chapter 1: Understanding the Core Technologies
Technical requirements
Understanding the zone-based firewall
Expected behavior when determining zones
Understanding App-ID and Content-ID
How App-ID gives more control
How Content-ID makes things safe
The management and data plane
Authenticating and authorizing users with User-ID
Summary
Chapter 2: Setting Up a New Device
Technical requirements
Gaining access to the user interface
Connecting to the web interface and CLI
Adding licenses and setting up dynamic updates
Creating a new account
Registering a new device
Activating licenses
Activating licenses via the customer support portal
Activating licenses via the web interface
Downloading and scheduling dynamic updates
Dynamic updates cheat sheet
Upgrading the firewall
Understanding the partitions
Upgrade considerations
Which features are required?
Is the code train “mature”?
When is an upgrade required and when is it optional?
Upgrading via the CLI
Upgrading via the web interface
Upgrade cheat sheet
Hardening the management interface
Limiting access via an access list
Accessing internet resources from offline management
Admin accounts
Dynamic accounts
Role-based administrators
Understanding the interface types
The Layer 3 interface
Virtual router
The Layer 2 interface and VLANs
The loopback interface
The tunnel interface
Subinterfaces
HA interfaces
AE interfaces
Tap interfaces
The Decryption Port Mirror interface
Summary
Chapter 3: Building Strong Policies
Technical requirements
Understanding and preparing security profiles
The Antivirus profile
The Anti-Spyware profile
The Vulnerability Protection profile
Custom URL categories
Configuring the URL Filtering profile
URL filtering priorities
The File Blocking profile
The WildFire Analysis profile
Custom objects
The Custom Spyware/Vulnerability objects
Security profile groups
Understanding and building security rules
Dropping “bad” traffic
Action options
Allowing applications
Application dependencies
Application-default versus manual service ports
Controlling logging and schedules
Address objects
Tags
Policy Optimizer
Creating NAT rules
Inbound NAT
Outbound NAT
Hide NAT or one-to-many NAT
One-to-one NAT
U-turn or hairpin NAT
Summary
Chapter 4: Taking Control of Sessions
Technical requirements
Controlling the bandwidth with quality-of-service policies
DSCP and ToS headers
QoS enforcement in the firewall
Creating QoS profiles
Creating QoS policies
Leveraging SSL decryption to look inside encrypted sessions
SSH proxy
SSL forward proxy
SSL Inbound Inspection
Forwarding sessions to an external device
Redirecting sessions over different paths using policy-based forwarding
Redirecting critical traffic
Load balancing
Equal cost multipath as an alternative
Summary
Chapter 5: Services and Operational Modes
Technical requirements
Applying a DHCP client and DHCP server
DHCP client
DHCP server and relay
Configuring a DNS proxy
Setting up High Availability
Active/Passive mode
Active/Active mode
Clustering
Firewall states
High Availability interfaces
Setting up Active/Passive mode
Setting up Active/Active mode
HA1 encryption
Enabling virtual systems
Creating a new VSYS
Inter-VSYS routing
Creating a shared gateway
Summary
Chapter 6: Identifying Users and Controlling Access
Technical requirements
User-ID basics
Preparing Active Directory and setting up the agents
WMI probes
User-ID agent
Terminal Server Agent
Agentless User-ID
Configuring group mapping
The Cloud Identity Engine
Configuring Azure enterprise applications
Setting up a captive portal
Authenticating users
Configuring the captive portal
Using an API for User-ID
Chapter 7: Managing Firewalls through Panorama
Technical requirements
Setting up Panorama
Initial Panorama configuration
Panorama logging
Device groups
Adding managed devices
Preparing device groups
Creating policies and objects
Important things to know when creating objects in device groups
Setting up templates and template stacks
Panorama management
Device deployment
Migrating unmanaged to managed devices
Panorama HA
Tips and tricks
Summary
Chapter 8: Upgrading Firewalls and Panorama
Technical requirements
Documenting the key aspects
Upgrade considerations
Preparing for the upgrade
The upgrade process
Upgrading a single Panorama instance
Upgrading a Panorama HA cluster
Upgrading log collectors (or firewalls) through Panorama
Upgrading a single firewall
Upgrading a firewall cluster
After the upgrade
The rollback procedure
The downgrade procedure
Special case for upgrading older hardware
Summary
Chapter 9: Logging and Reporting
Technical requirements
Log storage
Configuring log collectors and log collector groups
Cortex Data Lake logging service
External logging
Configuring log forwarding
System logs
Session logs
Reporting
Pre-defined reports
Custom reports
The Application Command Center
Filtering logs
Summary
Chapter 10: Virtual Private Networks
Technical requirements
Setting up the VPN
Configuring the IPSec site-to-site VPN
Configuring GlobalProtect
Setting up the portal
Setting up the gateway
HIP objects and profiles
Summary
Chapter 11: Advanced Protection
Technical requirements
Custom applications and threats
Application override
Signature-based custom applications
Custom threats
Zone protection and DoS protection
System protection settings
Configuring zone protection
Configuring DoS protection
Summary
Chapter 12: Troubleshooting Common Session Issues
Technical requirements
Using the tools at our disposal
Log files
Packet captures
Botnet reports
Interpreting session details
Using the troubleshooting tool
Using maintenance mode to resolve and recover from system issues
Summary
Chapter 13: A Deep Dive into Troubleshooting
Technical requirements
Understanding global counters
Understanding bad counters
Analyzing session flows
Preparation
Execution
Cleanup
A practical example
Debugging processes
CLI troubleshooting commands cheat sheet
Summary
Chapter 14: Cloud-Based Firewall Deployment
Technical requirements
Licensing a cloud firewall
Deploying a firewall in Azure from the Marketplace
Bootstrapping a firewall
Creating a new storage account
Creating a bootstrap file share
The init-cfg.txt file
The bootstrap.xml file
Bootstrapping a firewall on Azure
Putting the firewall in-line
Adding a new public IP address
Adding the Untrust subnet to an NSG
Creating a server subnet
Setting up routing
Forcing internal hosts to route over the firewall
Setting up a load balancer
Summary
Chapter 15: Supporting Tools
Technical requirements
Integrating Palo Alto Networks with Splunk
Monitoring with Pan(w)achrome
Threat intelligence with MineMeld
Exploring the API
Summary
Other Books You May Enjoy
Index