Securing Remote Access in Palo Alto Networks: Practical techniques to enable and protect remote users, improve your security posture, and troubleshoot next-generation firewalls PDF

433 Pages·2021·25.627 MB·English

Preview Securing Remote Access in Palo Alto Networks: Practical techniques to enable and protect remote users, improve your security posture, and troubleshoot next-generation firewalls

BIRMINGHAM—MUMBAI

Securing Remote Access in Palo Alto Networks

Copyright © 2021 Packt Publishing

All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews.

Every effort has been made in the preparation of this book to ensure the accuracy of the information presented. However, the information contained in this book is sold without warranty, either express or implied. Neither the authors, nor Packt Publishing or its dealers and distributors, will be held liable for any damages caused or alleged to have been caused directly or indirectly by this book.

Packt Publishing has endeavoured to provide trademark information about all of the companies and products mentioned in this book by the appropriate use of capitals. However, Packt Publishing cannot guarantee the accuracy of this information.

Group Product Manager: Wilson D'souza
Publishing Product Manager: Vijin Boricha
Senior Editor: Shazeen Iqbal
Content Development Editor: Rafiaa Khan
Technical Editor: Shruthi Shetty
Copy Editor: Safis Editing
Project Coordinator: Shagun Saini
Proofreader: Safis Editing
Indexer: Rekha Nair
Production Designer: Jyoti Chauhan

First published: June 2021
Production reference: 1030621

Published by Packt Publishing Ltd.
Livery Place
35 Livery Street
Birmingham
B3 2PB, UK.

ISBN 978-1-80107-744-6
www.packt.com

I want to dedicate this book to my son, godson, and newborn nephew: life starts at 40, so don't grow up too fast.

Contributors

About the author

Tom Piens, PCNSE, CISSP, and founder of PANgurus, has over 10 years of experience working with Palo Alto Networks customers. Tom has been on the forefront of engaging with customers, responding to questions, and analysing unique needs to apply the best possible solutions or workarounds. He has authored a great many articles on the Palo Alto Networks knowledge base and discussion forum solutions, and a book, Mastering Palo Alto Networks. Also known as reaper on the PANgurus and LIVEcommunity forums, and PANWreaper on Twitter, Tom has been recognized by Palo Alto Networks user groups and community members, and by countless thankful customers.

I want to extend a special thanks to Nick "Ndx" for helping to review and fact-check this book, Aref Alsouqi for being a technical sounding board, and Rutger Truyers for his much-appreciated insights. In these trying times I have very much enjoyed their friendship above all.

About the reviewer

Kris Znamierowski is an IT professional with over 18 years of experience in securing and supporting multiple operating systems, including PAN-OS, Microsoft, Linux, and BSD UNIX. An OpenBSD user since forever. He holds many credentials from industry leaders.

Table of Contents

Preface

Section 1: Leveraging the Cloud and Enabling Remote Access

Chapter 1: Centralizing Logs
    Technical requirements
    Understanding log forwarding profiles and best practices
    Allocating log storage
    Adding disk space to a VM firewall
    Learning about Panorama and log collectors
    Forwarding logs to syslog, SMTP, and other options
    SNMP trap server profile
    Syslog server profile
    Email server profile
    HTTP server profile
    Netflow Profile
    Configuring system log forwarding on the firewall
    Exploring log forwarding profiles
    Dynamic tagging
    Assigning log forwarding actions
    Troubleshooting logs and log forwarding
    Debugging log-receiver
    Reading system resources
    Using tcpdump
    Troubleshooting forwarding to a log collector
    Summary

Chapter 2: Configuring Advanced GlobalProtect Features
    Technical requirements
    Learning about advanced configuration features
    Integrating SAML into authentication methods
    Setting up a VPN connection before the user has logged on
    Leveraging quarantine to isolate agents
    Practical troubleshooting for GlobalProtect issues
    Summary

Chapter 3: Setting up Site-to-Site VPNs and Large-Scale VPNs
    Technical requirements
    Configuring a site-to-site VPN connection
    Static site-to-site tunnels
    Dynamic site-to-site tunnels
    Setting up the LSVPN
    Summary

Chapter 4: Configuring Prisma Access
    Technical requirements
    Configuring Prisma Access
    Configuring the service infrastructure
    Configuring the service connection
    Configuring directory sync
    Configuring mobile users
    Configuring remote networks
    Configuring the remote firewalls
    Configuring Cortex Data Lake
    Summary

Section 2: Tools, Troubleshooting, and Best Practices

Chapter 5: Enabling Features to Improve Your Security Posture
    Technical requirements
    Hardening the management interface
    FIPS-CC mode
    Replacing the default certificates
    Setting minimum password complexity
    Configuring administrator roles
    Restricting access to the management interface
    Setting the master key
    EDLs
    MineMeld
    Summary

Chapter 6: Anti-Phishing with User Credential Detection
    Technical requirements
