Palo Alto Networks


Nexum Palo Alto Networks
Upcoming training courses by date and location
Date        Location                    Guaranteed to Run
08-27-2019  Chicago, IL
08-27-2019  Instructor Led Online (CT)

This course provides two days of instructor-led training in the optimization of large-scale or complex Traps configurations.

  • Scale Traps infrastructure to your organization’s needs.
  • Tune Traps configuration.
  • Protect Linux endpoints.
  • Perform advanced Traps troubleshooting.

Prerequisites

Students should have completed “Traps 4.1: Install, Configure, and Manage” or (for Palo Alto Networks employee and partner SEs) “PSE: Endpoint Associate” training. Windows system administration skills and familiarity with enterprise security concepts are also required.

Objectives

Students should learn how to design, build, implement, and optimize large-scale Traps deployments: those with multiple servers and/or thousands of endpoints. In hands-on lab exercises, students will distribute Traps endpoint software in an automated way; prepare master images for VDI deployment; build multi-ESM deployments; design and implement customized policies; test Traps with exploits created using Metasploit; and examine prevention dumps with windbg.

Agenda

Module 1: Scaling Server Infrastructure
  • Small site architectures
  • Large site architectures
  • TLS/SSL deployment considerations
Module 2: Scaling Agent Deployment
  • Distributing Traps via GPO
  • Configuring Virtual Desktop Infrastructure with Traps
Module 3: ESM Tuning
  • Tuning ESM settings
  • External logging and SIEM integration
  • Role Based Access Control (RBAC)
  • Defining Conditions
  • Tuning Policies
  • Implementing ongoing maintenance
Module 4: Windows migrations for Traps
  • SQL database migration
  • SSL certificate migration
Module 5: Advanced Traps Forensics
  • Best practices for managing forensic data
  • Agent queries
  • Resources for malicious software testing
  • Exploit challenge testing with Metasploit
  • Exploit dump analysis with windbg
Module 6: Advanced Traps Troubleshooting
  • ESM and Traps architecture
  • Troubleshooting scenarios using dbconfig and cytool
  • Troubleshooting application compatibility and BITS connectivity