CNSE 4.1 Exam Preparation GuideV3.pptx - Palo Alto Networks

More documents

Recommendations

Info

Five Physical Interface Types: 1. Tap mode interfaces simply listen to a span/mirror port of a switch 2. Virtual wire - EXACTLY two interfaces, what comes in one, goes out the other - Can be any combo (copper-copper, fiber-fiber, copper-fiber) - no MAC address or IP addresses on the interfaces - the device is still a stateful firewall and can block traffic 3. L2 - multiple interfaces can be configured into a “virtual-switch” or VLAN in L2 mode. L2 Interfaces do not participate in STP, as Spanning Tree Protocol is not supported 4. L3 - IP address is required, all layer-3 operations available. 5. HA (on all devices except the 4000 and 5000 series, you must configure two traffic ports as the HA ports) Note that all interfaces, regardless of type, can be simultaneously supported. Page 8 |
Logical Interfaces Supported • Subinterfaces (802.1q) - Up to 4094 VLAN supported per port - Max of 4094 VLANs per system • Aggregate interfaces (802.3ad) - Only on PA-4000 and PA-5000 series - Up to 8 physical 1 Gig interfaces can be placed into an aggregate group - Up to 8 aggregate groups are supported per device - Each interface in a group must be the same physical media (all copper, or all fiber) • Tunnel interfaces- for IPSec or SSL VPNs • Loopback interfaces Page 9 |
Page 1 and 2: Palo Alto Networks CNSE 4.1 Exam Pr
Page 3 and 4: General Advice • 100 multiple-cho
Page 5 and 6: PA appliances as of PAN-OS 4.1: 400
Page 7: PA Appliances as of PAN-OS 4.1: 200
Page 11 and 12: Available Features in Different Int
Page 13 and 14: Device Management • Managing the
Page 15 and 16: Application Selection Window Within
Page 17 and 18: Application Groups and Application
Page 19 and 20: Scheduling Security Policies • Po
Page 21 and 22: Monitoring Traffic • The default
Page 23 and 24: Log Forwarding • The logs on the
Page 25 and 26: Steps to Define a New Application 1
Page 27 and 28: Source Address Translation • NAT
Page 29 and 30: Security Profiles • Security Prof
Page 31 and 32: Anti-Virus Profiles Page 31 | • A
Page 33 and 34: Email Protocols and AV/Spyware Prot
Page 35 and 36: Custom Response Pages • Response
Page 37 and 38: URL Filtering Profile • Actions c
Page 39 and 40: Default Block Pages Page 39 |
Page 41 and 42: Data Filtering Overview • Scan tr
Page 43 and 44: Data Filtering Password Setup • P
Page 45 and 46: WildFire • WildFire relies upon t
Page 47 and 48: Packet Flow • Refer to this docum
Page 49 and 50: User-ID: Enterprise Directory Integ
Page 51 and 52: User-ID Agent Setup and Upgrade Pro
Page 53 and 54: Terminal Server Agent • Runs on t
Page 55 and 56: Captive Portal (2) • How to confi
Page 57 and 58: Steps to Configure an IPSec site-to
Page 59 and 60:
GlobalProtect - SSL VPN • PAN-OS
Page 61 and 62:
SSL Decryption • The Palo Alto fi
Page 63 and 64:
Configuring SSL Outbound Decryption
Page 65 and 66:
Misc. SSL Decryption • When SSL i
Page 67 and 68:
HA Failure States • Link Failure
Page 69 and 70:
Active/Active | HA3 interface • A
Page 71 and 72:
Panorama • Central source to view
Page 73 and 74:
Adding Devices to Panorama Page 73
Page 75 and 76:
View and Commit You can view a comb
Page 77:
Topics that have minimal or no ques
show all

CNSE 4.1 Exam Preparation GuideV3.pptx - Palo Alto Networks

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?