Basic Policy Overview Palo Alto.

Slides:

Advertisements

Similar presentations

Enabling Secure Internet Access with ISA Server

Advertisements

New Solutions to New Threats. The Threats, They Are A Changing Page 2 | © 2008 Palo Alto Networks. Proprietary and Confidential.

ITIS 1210 Introduction to Web-Based Information Systems Chapter 44 How Firewalls Work How Firewalls Work.

CSCI 530 Lab Firewalls. Overview Firewalls Capabilities Limitations What are we limiting with a firewall? General Network Security Strategies Packet Filtering.

Nada Abdulla Ahmed.  SmoothWall Express is an open source firewall distribution based on the GNU/Linux operating system. Designed for ease of use, SmoothWall.

Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.

Copyright 2011 Trend Micro Inc. Trend Micro Web Security- Overview.

Barracuda Networks Confidential1 Barracuda Backup Service Integrated Local & Offsite Data Backup.

1 Enabling Secure Internet Access with ISA Server.

1 Advanced Application and Web Filtering. 2 Common security attacks Finding a way into the network Exploiting software bugs, buffer overflows Denial of.

Norman SecureSurf Protect your users when surfing the Internet.

Introducing Kerio Control Unified Threat Management Solution Release date: June 1, 2010 Kerio Technologies, Inc.

1 ISA Server 2004 Installation & Configuration Overview By Nicholas Quinn.

Using Windows Firewall and Windows Defender

Implementing ISA Server Publishing. Introduction What Are Web Publishing Rules? ISA Server uses Web publishing rules to make Web sites on protected networks.

Chapter 13 – Network Security

Module 10: Monitoring ISA Server Overview Monitoring Overview Configuring Alerts Configuring Session Monitoring Configuring Logging Configuring.

How to create DNS rule that allow internal network clients DNS access Right click on Firewall Policy ->New- >Access Rule Right click on Firewall.

1 Chapter Overview Password Protection Security Models Firewalls Security Protocols.

Network Security. 2 SECURITY REQUIREMENTS Privacy (Confidentiality) Data only be accessible by authorized parties Authenticity A host or service be able.

Module 5: Configuring Internet Explorer and Supporting Applications.

Securing Internet Access Designing an Internet Acceptable Use Policy Securing Access to the Internet by Private Network Users Restricting Access to Content.

© 2006 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 Filtering Traffic Using Access Control Lists Introducing Routing and Switching.

Saeed Darvish Pazoki – MCSE, CCNA Abstracted From: Cisco Press – ICND 2 – 6 IP Access Lists 1.

© 2006 Cisco Systems, Inc. All rights reserved. Implementing Secure Converged Wide Area Networks (ISCW) Module 6: Cisco IOS Threat Defense Features.

Troubleshooting Security Issues Lesson 6. Skills Matrix Technology SkillObjective Domain SkillDomain # Monitoring and Troubleshooting with Event Viewer.

Integrating and Troubleshooting Citrix Access Gateway.

Firewall Policies. Module Objectives By the end of this module participants will be able to: Identify the components used in a firewall policy Create.

Switch Features Most enterprise-capable switches have a number of features that make the switch attractive for large organizations. The following is a.

IT Security. What is Information Security? Information security describes efforts to protect computer and non computer equipment, facilities, data, and.

1 OFF SYMB - 12/7/2015 Firewalls Basics. 2 OFF SYMB - 12/7/2015 Overview Why we have firewalls What a firewall does Why is the firewall configured the.

1 Firewall Rules. 2 Firewall Configuration l Firewalls can generally be configured in one of two fundamental ways. –Permit all that is not expressly denied.

APPLICATION PERFORMANCE MANAGEMENT The Next Generation.

Application Control. Module Objectives By the end of this module participants will be able to: Define application control lists Define firewall policies.

Chapter 8.  Upon completion of this chapter, you should be able to:  Understand the purpose of a firewall  Name two types of firewalls  Identify common.

FIREWALLS By k.shivakumar 08k81f0025. CONTENTS Introduction. What is firewall? Hardware vs. software firewalls. Working of a software firewalls. Firewall.

Telnet Media. Telnet Media Ltd Surfing the Web Secure Content Management Products Reasons to implement Agenda.

25/09/ Firewall, IDS & IPS basics. Summary Firewalls Intrusion detection system Intrusion prevention system.

Polytechnic University Firewall and Trusted Systems Presented by, Lekshmi. V. S cos

Firewalls Definition: Device that interconnects two or more networks and manages the network traffic between those interfaces. Maybe used to: Protect a.

Barracuda NG Firewall ™

Palo Alto Networks Certified Network Security Engineer (PCNSE) 7 Exam

Module 3: Enabling Access to Internet Resources

Firewalls Dr. X (Derived from slides by Prof. William Enck, NCSU)

PCNSE7 Palo Alto Networks Certified Network Security Engineer

Working at a Small-to-Medium Business or ISP – Chapter 8

Creating Oracle Business Intelligence Interactive Dashboards

Configuring ALSMS Remote Navigation

Enabling Secure Internet Access with TMG

Killtest Palo Alto Networks PCNSE7 Exam

MCTS Guide to Microsoft Windows 7

Securing the Network Perimeter with ISA 2004

Web Security for Field Engineers practice-questions.html.

100% Exam Passing Guarantee & Money Back Assurance

Introduction to Networking

Firewalls at UNM 11/8/2018 Chad VanPelt Sean Taylor.

Unit 7 NT1330 Client-Server Networking II Date: 7/26/2016

Access Control Lists CCNA 2 v3 – Module 11

11/17/2018 9:32 PM © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN.

Using the Cloud App Marketplace Monitoring cloud app migrations

Firewalls Chapter 8.

AbbottLink™ - IP Address Overview

Features - Benefits Major Release January 2019

Firewall Installation

Session 20 INST 346 Technologies, Infrastructure and Architecture

AT&T Firewall Battlecard

Comodo Dome Data Protection

Presentation transcript:

Basic Policy Overview Palo Alto

Policy Policy-based Controls Enable Appropriate Application Usage The increased visibility into network activity generated by App-ID, User-ID and Content-ID can help simplify the task of determining which applications are traversing the network, who is using them, the potential security risk and then easily determine the appropriate response. Armed with these data points, administrators can apply policies with a range of responses that are more fine-grained than allow or deny.

Policy control responses include: • Allow or Deny • Allow but scan • Allow based on schedule • Decrypt and inspect • Apply traffic shaping • Any combination • Allow certain application functions • Allow for certain users or groups

Policy Editor: • Assign Saleforce.com and Oracle to the sales and marketing groups by leveraging Active Directory integration. • Enable only the IT group to use a fixed set of management applications such as SSH, telnet and RDP. • Block bad applications such as P2P file sharing, circumventors and external proxies. • Define and enforce a corporate policy that allows and inspects specific webmail and instant messaging usage. • Control the file transfer functionality within an individual application, allowing application use yet preventing file transfer. Using a policy editor that carries a familiar look and feel, experienced firewall administrators can quickly create flexible firewall policies such as

Policy Editor: • Identify the transfer of sensitive information such as credit card numbers or social security numbers, either in text or file format. • Deploy multi-level URL filtering policies that block access to obvious non-work related sites, monitor questionable sites and “coach” access to others. • Implement QoS policies to allow media and other bandwidth intensive applications but limit their impact on business critical applications.

GUI Policy Editor:

Network Tab: Network tab -> Zones Create one or more zones of type “tap”, and assign appropriate names. If you plan to implement user-ID, check the box to “enable user-identification”.

Network Tab: Network tab-> Interfaces Configure one or more interfaces to be of type “tap”, and assign those interfaces to the tap zones you just created

Network Tab:

Application Command Center (ACC): A standard feature that requires no configuration effort, ACC graphically displays a wealth of information on current network activity including applications, URL categories, threats, and data. If a new application appears in ACC, a single click displays a description of the application, its key features, its behavioral characteristics, who is using it, and what security rules allowed it to be used. Additional filters can be added to learn more about application use for individual users along with the threats detected within the application traffic. In the span of just a few minutes. ACC provides administrators with the data they need to make more informed security policy decisions

ACC Functions: What are the top applications used on the network and how many are high-risk applications? Who are the top users of high-risk applications on the network What are the top URL categories being viewed in the last hour? What are the top bandwidth-using applications? Who are the users/hosts that consume the highest bandwidth?

ACC Functions: What content or files are being blocked and are there specific users who trigger this file blocking/data filtering policy?  What is the amount of traffic exchanged between two specific IP addresses or generated by a specific user? Where is the destination server or client located geographically?

ACC Tab

Resources https://live.paloaltonetworks.com/twzvq79624/attachments/twzvq79624/IntegrationArticles/29/1/PaloAltoNetworks-Designs-Guide-RevB.pdf