Palo Alto Firewall 9.0 - Arabic بالو التو فايروول - عربي

PCNSE وإمتحان PCNSA والإعداد لإمتحان - Palo Alto Firewalls 9.0 الكورس الكامل لتعلم

4.85 (14 reviews)
Network & Security
19.5 hours
Aug 2022
last update
regular price

What you will learn

How to design, deploy, configure and troubleshoot Palo alto firewalls. (PAN OS 9.0)

Core course required for PCNSA and PCNSE certifications

Real-Life scenarios and examples that can be used and applied on a day-to-day basis

Prepare for your PCNSA and PCNSE Exams


This Palo Alto Networks Firewall course is will help you to:

  • Configure and manage the essential features of Palo Alto Networks next-generation firewalls.

  • Configure and manage Security and NAT policies to enable approved traffic to and from zones.

  • Configure and manage Threat Prevention strategies to block traffic from known and unknown IP addresses, domains, and URLs.

  • Monitor network traffic using the interactive web interface and firewall reports.

  • Prevent use of stolen credentials

Course Outline

  • Palo Alto Network portfolio & architecture

  • Connect to the Management Network

  • Manage Firewall configuration

  • Manage firewall administrator account

  • Connect to production network

  • The cyber-attack Lifecycle

  • Block threats using security & NAC Policies

  • Block Packet & protocol based attacks

  • Block threats from known bad sources

  • Block threats by identifying applications

  • Maintain application based policies

  • Block threats using custom applications

  • Block threats by identifying users

  • Block threats by identifying devices

  • Block unknown threats

  • Block threats in encrypted traffic

  • Block threats by identifying applications

  • Prevent use of stolen credentials

  • Block threats using security profiles

  • View threat & traffic information

  • Cloud deployments and offering

  • Building Home Lab

  • Practice multiple lab scenarios

  • Exam Preparation

Related Certifications

  • PCNSA - Palo Alto Networks Certified Network Security Administrator

  • PCNSE - Palo Alto Networks Certified Network Security Engineer

Course Overview

  • Next-Generation Security Platform and Architecture

  • Virtual and Cloud Deployment

  • Initial Configuration

  • Interface Configuration

  • Security and NAT Policies

  • App-ID™

  • Content-ID™

  • URL Filtering

  • Decryption

  • WildFire®

  • User-ID™

  • GlobalProtect™

  • Site-to-Site VPNs

  • Active/Passive High Availability

  • Security Practices

Successful completion of this course should enhance the student’s understanding of how to configure and manage Palo Alto Networks Next-Generation Firewalls. The course includes real-life examples on configuring, managing, and monitoring a firewall in a lab environment.


Palo Alto Firewall 9.0 - Arabic بالو التو فايروول - عربي - Screenshot_01Palo Alto Firewall 9.0 - Arabic بالو التو فايروول - عربي - Screenshot_02Palo Alto Firewall 9.0 - Arabic بالو التو فايروول - عربي - Screenshot_03Palo Alto Firewall 9.0 - Arabic بالو التو فايروول - عربي - Screenshot_04


Module 1 - Introduction & General Configuration

MOD1-01 Life Cycle of Cyber Attack
MOD1-02 Security Platform Overview and Services
MOD1-03 SP3 Architecture (Management and Control)
MOD1-04 Zero Trust - Integrated Approach
MOD1-05 Firewall offering (Physical/Virtual)
MOD1-06 Virtual Systems
MOD1-07 Subscription and License Expiry
MOD1-08 Lab - Download OVA, Deploy
MOD1-09 Lab - VM Edit and Interface Mapping
MOD1-10 Lab - VM Boot Process, Defaults, Dashboard
MOD1-11 Administrative Access (Management Services) - Part 1
MOD1-12 Administrative Access (Management Services) - Part 2
MOD1-13 Lab - Configure (MGT, General, DNS, NTP)
MOD1-14 Lab - Service Routes (Definition and Configuration)
MOD1-15 Configuration MGMT - Part 1
MOD1-16 Configuration MGMT - Part 2
MOD1-17 Admin Roles, Authentication Profile
MOD1-18 Password Complexity & Authentication Sequence
MOD1-19 Lab - Admin roles, admins, locks
MOD1-20 Lab - Config Audit-Revert-Export-Import(Backup/restore)
MOD1-21 Lab - Password Recover/Factory Reset/Restore
MOD1-22 View and Construct Filters
MOD1-23 Lab - View,Save,Export and Packet Capture
MOD1-24 Activate Licenses/subscription - Part 1
MOD1-25 Activate Licenses/subscription - Part 2
MOD1-26 PAN OS, Content-ID & Application Updates
MOD1-27 Lab - PAN OS, Content-ID & Application Updates

Module 2 - Interface Definition & Configuration

MOD2-01 Security Zones and interfaces
MOD2-02 TAP, Virtual Wire, Layer 2 interfaces (Concept and Configuration)
MOD2-03 Layer 3 interfaces & Management Profile (Concept and Configuration)
MOD2-04 Layer 3 sub-Interfaces (Concept and Configuration)
MOD2-05 Virtual Router - Concept
MOD2-06 Path Monitoring - Concept
MOD2-07 Vlan Interface, Loopback interface
MOD2-08 Policy-Based Forwarding
MOD2-09 Lab configuration (Zones, interfaces, Virtual router) - Part 1
MOD2-10 Lab configuration (Zones, interfaces, Virtual router) - Part 2

Module 3 - Security & NAT Policies

MOD3-01 Security Policy Concept & Type , C2S/S2C
MOD3-02 Security Policy Rule Match
MOD3-03 Rule shadowing & Explicit/Implicit rules
MOD3-04 Security Policy Administration
MOD3-05 Rule set (Managing, Schedule, Unused)
MOD3-06 Objects (Address, Service, Tags, Global) - Part 1
MOD3-07 Objects (Address, Service, Tags, Global) - Part 2
MOD3-08 Lab - Configuration of Port/Services-Based Security rules
MOD3-09 Source NAT (Concept, Types, Oversubscription, Config) - Part 1
MOD3-10 Source NAT (Concept, Types, Oversubscription, Config) - Part 2
MOD3-11 Destination NAT (Concept, Types, Config) - Part 1
MOD3-12 Destination NAT (Concept, Types, Config) - Part 2
MOD3-13 Lab - Source NAT Configuration and Testing
MOD3-14 Lab - Destination NAT Configuration and Testing

Module 4 - Application ID (App-ID)

MOD4-01 App-ID Definition, Port Based vs NGFW APP-ID, Zero-day malware
MOD4-02 App-ID Operation (UDP and TCP application identification)
MOD4-03 Application shifting and dependencies (implicit/explicit)
MOD4-04 Application filters, Application Groups and Nesting
MOD4-05 Aapplications and custom services
MOD4-06 Lab - Application Block (Concept, Config)
MOD4-07 Identify unknown applications, Application override (Concept, Config)
MOD4-08 App-ID updates (updates Absorption, Policy interaction)
MOD4-09 Lab - App-ID Rule Migration

Module 5 - Content ID

MOD5-01 Content-ID (Security profiles types and operation)
MOD5-02 Vulnerability Protection Security Profile (Definition, Concept)
MOD5-03 Lab - Vulnerability Attack (Vulnerability profile Config
MOD5-04 Antivirus Security Profile (Definition, Concept)
MOD5-05 Lab - Virus/Malware Download (Security profile Config)
MOD5-06 Anti-Spyware Security Profile and Sinkhole Operation
MOD5-07 External Dynamic List (Concept, Lab Configuration)
MOD5-08 Lab - Spyware and Malicious DNS (Anti-Spyware, Sinkhole Config)
MOD5-09 File Blocking Security Profile (Definition, Concept)
MOD5-10 Blocking Multip-Level Encoded Files (Definition, Concept)
MOD5-11 Lab - File Blocking and Multi-Level encoded files (File blocking config)
MOD5-12 Security Profile Groups (Definition, Config)
MOD5-13 Denial-Of-Service Protection (DDOS attack definition)
MOD5-14 Denial-Of-Service Protection (Zone Protection)
MOD5-15 DOS Protection profiles and Policy (Concept, Config)
MOD5-16 Lab - ICMP Flood Attack (Zone Protection Config)

Module 6 - URL Filtering

MOD6-01 URL Filtering Feature (PAN-DB and Categories Definition)
MOD6-02 URL Cateogry (Policy vs Profile) - URL Filtering log
MOD6-03 URL Filtering (Order of URL Cateogry matching)
MOD6-04 URL Filtering (Wildcards usage)
MOD6-05 URL Admin Settings (Response Pages)
MOD6-06 URL Filtering Settings, Credential Detection and HTTP Insertion
MOD6-07 Handling unknown and Not-Resolved URLs
MOD6-08 Seed DB Operation (Pan OS 9.X and Earlier versions)
MOD6-09 URL Re-Categorization (Concept, Config)
MOD6-10 Lab-URL Filtering (Custom Objects - URL Category)
MOD6-11 Lab-URL Filtering (External Dynamic List)
MOD6-12 Lab - Configuring Custom Response Pages

Module 7 - Decryption

MOD7-01 Decryption Overview
MOD7-02 Overview of SSL/TLS Session
MOD7-03 Cryptography - Symmetric Encryption
MOD7-04 Cryptography - Asymmetric Encryption
MOD7-05 Public Key Infrastructure (PKI) and Certificate Authority (Part 1)
MOD7-06 Public Key Infrastructure (PKI) and Certificate Authority (Part 2)
MOD7-07 Chain of Trust (Internal CAs)
MOD7-08 Certificate and Revocation Checking (CRL and OCSP)
MOD7-09 Certificate Validation (Features Certificates)
MOD7-10 Decryption Types - Concept
MOD7-11 Certificate Management (CA Deployment Options)
MOD7-12 Import CA Certificate (Internal CA)
MOD7-13 Certificate Signing Request (CSR)
MOD7-14 Self-signed CA Certificate (Certificate Hierarchy)
MOD7-15 Forward Proxy Decryption (Trust and untrust Certificates)
MOD7-16 SSL Forward Proxy Policy and Decryption Profile
MOD7-17 Security Rules requirement (Decryptin Ruleset)
MOD7-18 Lab - SSL Forward Proxy (Malicious File inspection)
MOD7-19 Lab - Allowing users to use SSL Opt-Out page
MOD7-20 SSL inbound inspection (Concept, Config)
MOD7-21 Unsupported Applications and Decryption Exclusions
MOD7-22 No Decryption (Concept)
MOD7-23 Decryption Port Mirroring and Decryption Broker
MOD7-24 Hardware Security Modules (HSMs)
MOD7-25 SSL Session Termination (Troubleshooting)
MOD7-26 Lab - A Certificate For Secure Web-GUI Access

Module 8 - Wildfire

MOD8-01 Wildfire Threat Intelligence Cloud - Overview
MOD8-02 Wildfire Operations (Sandboxing)
MOD8-03 Wildfire Analysis Methods and Verdicts
MOD8-04 Wildfire Email Protection (Content Updates)
MOD8-05 Wildfire Licensing Scheme and Features
MOD8-06 Wildfire Private Cloud and Hybrid Cloud (WF-500 Clustering)
MOD8-07 Wildfire Configuration and Submission info
MOD8-08 Wildfire Analysis Profile and Updates scheduling
MOD8-09 Wildfire Reporting (Incorrect Verdicts)
MOD8-10 Lab - Wildfire Settings and Automatic Updates
MOD8-11 Lab - Wildfire Analysis config and unknown files submission
MOD8-12 Lab - URL and File submission to Wildfire Portal

Module 9 - User ID

MOD9-01 User-ID Overview
MOD9-02 User-ID components (Main Functions)
MOD9-03 User-ID Considerations (Windows-based vs Integrated Agent)
MOD9-04 Overview of User Mapping Methods
MOD9-05 User-ID Operations (Domain Controllers)
MOD9-06 Domain Controller Monitoring and Session Monitoring
MOD9-07 Windows Client Probing
MOD9-08 GlobalProtect mappings and Syslog Monitoring
MOD9-09 User-ID Mapping Design Recommendations
MOD9-10 User-ID Config (Integrated Agent) - Part 1
MOD9-11 User-ID Config (Integrated Agent) - Part 2
MOD9-12 Lab - User-ID Integrated Agent Configuration
MOD9-13 User-ID Config (Windows-Based Agent) - Part 1
MOD9-14 User-ID Config (Windows-Based Agent) - Part 2
MOD9-15 Lab - Windows based Agent
MOD9-16 Group Mapping - LDAP Server Profile
MOD9-17 Group Mapping - Users and Groups Attributes
MOD9-18 Group Mapping - Custom groups, Include lists and Security Policy
MOD9-19 Lab - Group Mapping (LDAP server and Security Rules)

Module 10 - GlobalProtect

MOD10-01 GlobalProtect Overview and Components
MOD10-02 GlobalProtect Connection Sequence
MOD10-03 Topologies of GlobalProtect
MOD10-04 GlobalProtect - Types of Gateways
MOD10-05 Prior to GlobalProtect Deployment
MOD10-06 Portal Configuration (Autehntication and Certificates)
MOD10-07 Portal Configuration (Internal and External Gateways)
MOD10-08 Portal Configuration (App Conenction Methods)
MOD10-09 Clientless VPN
MOD10-10 Gateway Configuration (Split Tunneling)
MOD10-11 Gateway Configuration (General, Tunnel Settings)
MOD10-12 Gateway Configuration (IP Pools, Network services, Split tunneling)
MOD10-13 GlobalProtect Agent Configuration
MOD10-14 GlobalProtect Cloud Services
MOD10-15 Lab - GlobalPrtoect Deployment Walk Through
MOD10-16 Lab - GlobalProtect Configuration and Testing - Part 1
MOD10-17 Lab - GlobalProtect Configuration and Testing - Part 2
MOD10-18 Lab - Split tunneling and User Identification

Module 11 - Site-to-Site VPNs

MOD11-01 Overview of Site-to-Site VPNs (Design Coniderations)
MOD11-02 Policy-Based versus Route-Based VPNs
MOD11-03 Internet Key Exchange (IKE Phase 1 and IKE Phase 2)
MOD11-04 Route-Based VPN Deployment (Hub-and-spoke)
MOD11-05 VPN Component Interaction/Dependencies
MOD11-06 Phase 1 Objects (IKE Gateways & Crypto Profiles)
MOD11-07 Phase 2 Objects (IPSec Tunnels and VPN Tunnels)
MOD11-08 Static/Dynamic Routing for VPN and Failover Options
MOD11-09 Connectivity check and VPN troubleshooting
MOD11-10 Lab - IPSec VPN Tunnel Configuration and Testing
MOD11-11 Lab - Configuration of Tunnel Monitoring and Dead Peer Detection
MOD11-12 Lab - Configurtion of Dynamic Routing Over IPSec VPN Tunnel

Module 12 - High Availability 2

MOD12-01 Overview of High Availability and HA-Lite
MOD12-02 High Availability Deployments (Active/Passive and Active/Active)
MOD12-03 Prerequisites to High Availability Deployments
MOD12-04 High Availability Components and Operation
MOD12-05 High Availability Links and Split-Brain Scenario
MOD12-06 Designating an Active Firewall (Preemption)
MOD12-07 Failure Detection and Failure-Triggering Mechanisms
MOD12-08 HA Timer Profiles
MOD12-09 Monitoring High Availability State (Startup of HA Pair)
MOD12-10 Firewall States and Configuration Sync
MOD12-11 Active/Passive HA Config - Setup
MOD12-12 Control Links and Data Links Configuration (HA Encryption Keys)
MOD12-13 Active/Passive HA Config - Election Settings
MOD12-14 Link Monitoring and Path Monitoring
MOD12-15 Lab - High Availability Deployment and Failover Scenario
MOD12-16 Lab - Path Monitoring (ISP Failure)

Module 13 - Monitoring and Reporting

MOD13-01 Application Command Center and Dashboard
MOD13-02 Session Browser and Filters
MOD13-03 Reporting Overview (Predefined)
MOD13-04 Custom Reports (Overview & Configuration)
MOD13-05 User/Group Activity and Summary Report
MOD13-06 SaaS Applications
MOD13-07 Email, Groups and Logging Settings


January 20, 2022
ربنا يبارك فيك يا باشمهندس .. حضرتك بتشرح بالتفصيل والمحتوى والجودة ممتازه .. أرجو الاستمرار بنفس الجودة



Palo Alto Firewall 9.0 - Arabic بالو التو فايروول - عربي - Price chart


Palo Alto Firewall 9.0 - Arabic بالو التو فايروول - عربي - Ratings chart

Enrollment distribution

Palo Alto Firewall 9.0 - Arabic بالو التو فايروول - عربي - Distribution chart


2/18/2022100% OFF
udemy ID
course created date
course indexed date
course submited by