The Palo Alto Networks Certified Network Security Administrator (PCNCA) certification covers various essential topics related to the configuration and management of Palo Alto firewalls. Here’s an overview of the typical syllabus:

 

1.Introduction to Palo Alto Networks
– Overview of Palo Alto Networks technologies
– Security challenges and solutions

 

2. Platform Architecture
– Understanding hardware and software architecture
– Control and data planes

 

3. Initial Configuration
– Setting up a Palo Alto firewall
– Basic configuration steps (management access, interfaces, etc.)

 

4. Security Policies
– Creating and managing security policies
– Policy rules and best practices

 

5. Network Address Translation (NAT)
– Configuring NAT rules
– Static and dynamic NAT

 

6. User Identification
– User-ID technology and configuration
– Integration with Active Directory and other directory services

 

7. Monitoring and Logging
– Using the web interface for monitoring
– Log management and analysis

 

8. VPN Configuration
– Setting up site-to-site and remote access VPNs
– Understanding encryption protocols

 

9. Threat Prevention
– Configuring threat prevention features (IPS, Antivirus, Anti-Spyware)
– Best practices for threat management

 

 10. High Availability
– Implementing HA configurations
– Failover processes and configurations

 

 11. Troubleshooting
– Common troubleshooting techniques
– Diagnostic tools available in Palo Alto firewalls

 

Next-Generation Security Platform and Architecture

  • Basic-Terminology of Firewall
  • Introduction about Palo Alto Networks, Certifications, NextGen Firewalls.
  • Firewall Technologies
  • About Palo Alto Networks
  • What is SP3 Architecture
 

Virtual and Cloud Deployment

  • Install Palo Alto on VM
  • Install Palo Alto on EVE
  • Install Palo Alto in GNS3
  • CLI-Commands
  • Dashboard Tab
 

Initial Configuration

  • PA Initial Configuration
  • DNS & NTP
  • Licenses and Updates
  • Dynamic Updates
  • Initial Working Lab
  • Interface Mgmt
  • Backup and Restore
 

Interface Configuration

  • Interfaces PA
  • Firewall Zones
  • Intro to Routing
  • Virtual Routers (VR)
  • VS Static Routing
  • VS Default Routing
  • RIP-Lab
  • Securing Routing Protocols
  • OSPF-Lab
 

Security Policies

  • Security Policy Concepts
  • Security Policy Basic Criteria
  • Security Policy Action
  • Shadows Rule
  • View Rules by Tag Group
  • Policy Optimizer
 

NAT Policies

  • NAT-PA-Theory
  • NAT Topology
  • Source NAT Policy with Dynamic IP
  • Source NAT Static IP
  • Destination NAT Static IP
  • Destination NAT Port Forwarding
  • U-Turn-NAT
 

App-ID

  • APP-ID
  • Application Window Details
  • Application Shifts
  • Dependent Applications
  • Implicitly Use Applications
  • Application Groups
  • Application Filters
  • Custom Application
  • Application Override
  • Application Updates
 

Content-ID

  • Security Profiles-Intro
  • Antivirus Profile
  • Anti-Spyware Profiles
  • Vulnerability Protection Profiles
  • URL Filtering Profile
  • File Blocking Profiles
  • Security Profile Groups
  • DoS Protection Profile
  • Zone Protection Profile-Lab
 

WildFire

  • WHAT IS Wildfire
  • WildFire Analysis Profile
 

User-ID

  • User-ID-Theory
  • Captive Portal
  • LDAP Integration
 

Decryption

GlobalProtect

  • Remote-Access VPN GlobalProtect Theory and Lab.
  • GlobalProtect
 

Site-to-Site VPNs

  • VPN Concept
  • IPSec Protocols
  • VPN-Lab
 

Monitoring and Reporting

  • Log Types
  • Syslog Server
  • NetFlow
  • SNMP
  • Packet-Capture
  • ACC Tab
 

Active/Passive High Availability

  • WHAT IS High Availability
  • Active/Passive High Availability Lab
 

Palo Alto Networks offers a range of firewall models designed for various deployment scenarios, from small businesses to large enterprises. Here’s a list of some common models:

 

1. PA-Series (Hardware Firewalls)
– PA-220: Ideal for small businesses and branch offices.


– PA-850: Suitable for mid-sized businesses with higher throughput needs.


– PA-3220: Designed for large enterprises and data centers, offering robust performance.


– PA-3250: Enhanced performance and features for larger networks.


– PA-3260: High throughput and advanced features for demanding environments.


– PA-5220: For large data centers and enterprises, with high scalability.
– PA-5260: Advanced model for large-scale deployments with the highest throughput.


– PA-7080: A top-tier model for high-performance, large enterprise, and data center needs.

 

2. VM-Series (Virtual Firewalls)
– VM-100: For small to medium-sized deployments in virtualized environments.


– VM-300: For mid-sized enterprises with more demanding security needs.


– VM-500: Suitable for larger enterprises and data centers.


– VM-700: High-performance virtual firewall for large-scale environments.

1. PA-Series (Hardware Firewalls)

  • PA-200 Series
    • PA-220
  • PA-300 Series
    • PA-320
    • PA-3220
    • PA-3250
    • PA-3260
  • PA-500 Series
    • PA-5220
    • PA-5260
  • PA-7000 Series
    • PA-7050
    • PA-7080
 

PA-400 Series

  • Includes models like PA-440, designed for mid-sized organizations with advanced security features.

Prisma Access

  • A cloud-delivered security service that integrates with physical firewalls for Secure Access Service Edge (SASE) solutions, providing secure access to applications regardless of location.

Paloalto Model Datasheet