¥I´Ú¡C
|
¤é´Á (dd/mm)¡G 12/05 - 11/06
¬P´Á¡G ¤@¡B¤T
®É¶¡¡G 7:00pm - 10:00pm
½Ò®É¡G 30 ¤p®É
¦aÂI¡G ©ô¨¤
¾Ç¶O¡G $9,350 $7,480 (Early Bird Àu´f)
¾É®v¡G Larry
½è¯À«OÃÒ¡G§K¶O¸ÕÚ»º 3 ¤p®É¤p®É½Ò°ó¿ý¼v¡A½ÐP¹q 2332-6544 »P¥»¤¤¤ß¾û¹w¬ù¡C
§K¶O¸É°ó¡A§K¶O«Åª¡C
Palo Alto Networks ¬O¤@®a¥þ²y©Êªººô¸ô¦w¥þ¤½¥q¡AÁ`³¡¦ì©ó¬ü°ê¡C¸Ó¤½¥q¦¨¥ß©ó 2005 ¦~¡A¦®¦b´£¨Ñ³Ì¥ý¶iªººô¸ô¦w¥þ§Þ³N¡AÀ°§U«È¤á«OÅ@¨äºô¸ô¤£¨ü´c·N³nÅé¡Bºô¸ô§ðÀ»©M¸ê®Æ¥~¬ªªº«I®`¡C
Palo Alto Networks ¶}µo©M´£¨Ñ¤@¨t¦Cºô¸ô¦w¥þ¸Ñ¨M¤è®×¡A¥]¬A¤U¤@¥N¨¾¤õÀð (Next Generation Firewall)¡B¶³ºÝ¦w¥þ (Prisma Cloud)¡Bºô¸ô¦w¥þ¤ÀªR (Cortex XDR) ©MºÝÂI«OÅ@ (Endpoint Protection)µ¥¡C
³o¨Ç¸Ñ¨M¤è®×³£°ò©ó¦Û¥D¬ãµoªº§Þ³N¡A¦p¦w¥þ³W«h (Security Policy)¡B«Â¯Ù±¡³ø (Threat Intelligence)©M¦Û°Ê¤Æ¦w¥þ±±¨îµ¥ (Cortex XSOAR)¡A¥H½T«O«È¤áªººô¸ô¦w¥þ¡C
Palo Alto Networks ªº«È¤á¥]¬A¥þ²y½d³ò¤ºªº¥ø·~¡B¬F©²¾÷ºc¡B±Ð¨|¾÷ºc©MªA°È´£¨Ñ°Óµ¥¡C
Palo Alto Networks ¦b¥þ²y¾Ö¦³¦hÓ¬ãµo¤¤¤ß©M¿ì¨Æ³B¡A¹µ¥Î¤F¼Æ¤d¦Wû¤u¡A¬Oºô¸ô¦w¥þ¦æ·~ªº¤T¤j»â¾ÉªÌ¤§¤@¡A¸Ô¨£¥H¤U Gartner - Magic Quadrant for Network Firewalls:
§@¬°¤@®aP¤O©óºô¸ô¦w¥þªº¤½¥q¡APalo Alto Networks ª`«±À°Êºô¸ô¦w¥þªº³Ð·s©Mµo®i¡A»P·~¤º¨ä¥L¤½¥q©M²Õ´¦X§@¡A¦@¦PÀ³¹ï¤£Â_¥X²{ªººô¸ô«Â¯Ù¡C
Palo Alto Networks ªº¥«È¬ù¬° 1250 »õ¬ü¤¸ (¶W¹L 9750 »õ´ä¤¸)¡A¸Ó¤½¥qªÑ»ù¥ç¥Ñ 5 ¦~«e¬ù 24 ¬ü¤¸²r¤É¦Ü²{¦bªñ 200 ¬ü¤¸¡A¬O¥þ²yºô¸ô¦w¥þ¦æ·~ªº»â¥ý¥ø·~¤§¤@¡C
®Ú¾Ú¸Ó¤½¥qªº¦~«×°]³ø¼Æ¾ÚÅã¥Ü¡A¨ä¥þ¦~À禬¬° 80 »õ¬ü¤¸¡A¸û¤W¦~¦P´Á¼Wªø 16.5%¡F¤ò§Q¬ù¬° 59 »õ¬ü¤¸¡C
Palo Alto Networks ¦bºô¸ô¦w¥þ¥«³õ¦û¦³¬Û·í¤jªº¥«³õ¥÷ÃB¡A¯S§O¬O¦b¤U¤@¥N¨¾¤õÀð (Next Generation Firewall) ©Mºô¸ô¦w¥þ¤ÀªRµ¥»â°ìªí²{Àu²§¡C
¾Ú¥«³õ¬ã¨s¾÷ºc IDC ³Ìªñªº³ø§iÅã¥Ü¡G
- Palo Alto Networks ¦b <<¥þ²y¨¾¤õÀ𥫳õ¥÷ÃB>> ±Æ¦W²Ä¤@¡A¥«³õ¦û¦³²v¬° 22.4%¡F
Á`Åé¦Ó¨¥¡APalo Alto Networks ¦bºô¸ô¦w¥þ¦æ·~¾Ö¦³Ã°·ªº°]°Èª¬ªp©M±j¤jªº¥«³õ¦a¦ì¡A¨Ã«ùÄò³q¹L§Þ³N³Ð·s©M·~°È©Ý®i¨Ó±À°Ê¨ä¦b¥«³õ¤¤ªºÄvª§¤O¡C
Palo Alto Networks ªº®Ö¤ß§Þ³N¡GPAN-OS (¥»½Òµ{ªº¥Dn¤º®e)
PAN-OS °ò©ó±M¥ÎµwÅé (¥]¬A PA ¨t¦C Next Generation Firewall) ©MµêÀÀ¤Æ¥¥x (¥]¬A VM ¨t¦C¤Î CN ¨t¦C)¡A´£¨Ñ¤F¤@¨t¦Cºô¸ô¦w¥þ¸Ñ¨M¤è®×¡A¥]¬A¤U¤@¥N¨¾¤õÀð¡B¶³ºÝ¦w¥þ¡Bºô¸ô¦w¥þ¤ÀªR©MºÝÂI«OÅ@µ¥¡CPAN-OS ¾Ö¦³¤@¨t¦C¥ý¶iªº¥\¯à¡A¥]¬A¡G
- ´¼¯à¨¾¤õÀð¡G§Q¥Î²`«×¾Ç²ß (Machine Learning powered) ©M¤H¤u´¼¼z (Artificial Intelligence) §Þ³N¡A¹ïºô¸ô¬y¶q¶i¦æ¹ê®É¤ÀªR©M¿ëÃÑ¡A¨Ã¯à°÷¦Û°Ê¾Ç²ß©M½Õ¾ã¨¾¤õÀð³W«h¡C
- ¦w¥þ¤ÀªR¡GPalo Alto WildFire ±N¤j¶qªººô¸ô¦w¥þ¼Æ¾Ú¶i¦æ¦¬¶°©M¤ÀªR¡A¥H«K¤Î®Éµo²{©MÀ³¹ï¦UºØ«Â¯Ù¡A¥]¬A´c·N³nÅé¡Bºô¸ô§ðÀ»©M¸ê®Æ¥~¬ªµ¥¡C
- ºô¸ô¤À¬q¡G³q¹L¤À³Îºô¸ô¬y¶q¡A¨Ï±o¦UÓ³¡ªù©Î¥Î¤á¤§¶¡ªº¬y¶q¤¬¬Û¹jÂ÷¡A¥H´î¤Ö«Â¯ÙªºÂX´²©M·ÀIªº¶Ç¼½¡C
- ¦Û°Ê¤Æ¦w¥þ±±¨î¡G³q¹L¦Û°Ê¤Æ§Þ³N¡A¥i¥H¦Û°Ê¤Æ°õ¦æ¦w¥þ¾Þ§@¡A¦pªý¤îºô¸ô¬y¶q¡B¹jÂ÷·P¬V¥D¾÷©M¨¾¤î¸ê®Æ¥~¬ªµ¥¡C
Palo Alto Networks PA/VM/CN ¨t¦C¨¾¤õÀð¬O°ª«×¶°¦¨©M¦Û°Ê¤Æªº§Þ³N¡A¥i¥H¦³®Ä¦a¨¾¤îºô¸ô¨ü¨ì¦UºØ¦yºÝªº«Â¯Ù¡A¦p¯f¬r¡B´c·N³n¥óµ¥¡C
Àò±o Palo Alto Networks Certified Next-Generation Firewall Engineer »{ÃÒªº¤H¤h¡A®i¥Ü¤F¥L̨ã³Æ¦³¾Þ§@ Palo Alto Networks ¤U¤@¥N¨¾¤õÀð¨Ó«OÅ@ºô¸ô§K¨ü¦yºÝºô¸ô«Â¯Ùªº¯à¤O¡C
| ½Òµ{¦WºÙ¡G |
Palo Alto Networks Certified Next-Generation Firewall Engineer °ê»Ú»{¥iÃҮѽҵ{ - ²ºÙ¡GPalo Alto Networks Firewall Training Course |
| ½Òµ{®É¼Æ¡G | ¦X¦@ 30 ¤p®É (¦@ 10 °ó) |
| ¾A¦X¤H¤h¡G | ¹ï¹q¸£ºô¸ô¦w¥þ¦³°ò¥»»{ÃѩΦ³§Ó§ë¨ I.T. ¬Éªº¤H¤h |
| ±Â½Ò»y¨¥¡G | ¥H¼sªF¸Ü¬°¥D¡A»²¥H^»y |
| ½Òµ{µ§°O¡G | ¥»¤¤¤ß¾É®v¿Ë¦Û½s¼g^¤å¬°¥Dµ§°O¡A¦Ó³¡¥÷^¤å¦rªþ¦³¤¤¤å¹ï·Ó¡C |
¥un§A©ó¤U¦C¬ì¥Ø¨ú±o¦X®æ¦¨ÁZ¡A«K¥iÀò Palo Alto ¹{µo Palo Alto Networks Certified Next-Generation Firewall Engineer °ê»Ú»{¥iÃҮѡG
|
¥»¤¤¤ß¬° Palo Alto Networks «ü©wªº NGFW-Engineer ¦Ò¸Õ¸Õ³õ¡A³ø¦Ò®É½ÐP¹q¥»¤¤¤ß¡Aµn°O±ý³ø¦Ò¤§¬ì¥Ø¦Ò¸Õ½s¸¹ (§Y NGFW-Engineer)¡B¦Ò¸Õ¤é´Á¤Î®É¶¡ (³Ì§Ö¥i§Y¤é³ø¦Ò)¡CÁ{¦Ò¸Õ«en¥X¥Ü¨¥÷ÃÒ¤Îú¥I¦Ò¸Õ¶O HK$2,050¡C ¦Ò¸ÕÃD¥Ø¥Ñ¿D¬w¦Ò¸Õ¤¤¤ß¶Ç°e¨ì§AnÀ³¦Òªº¹q¸£¡A¦Ò¸Õ®É¥H¹q¸£§@µª¡C©Ò¦³¦Ò¸ÕÃD¥Ø§¡¬°^¤å¡A¦Ó¤j¦h¼Æªº¦Ò¸ÕÃD¥Ø¬°³æ¶µ¿ï¾ÜÃD (·N§Y O) ©Î¦h¶µ¿ï¾ÜÃD (·N§Y ¤f)¡C§@µª§¹¦¨«á·|¥ß§Y¥X²{§Aªº¤À¼Æ¡Aµ²ªG§Y¦Ò§Yª¾¡I¦Ò¸Õ¤£¦X®æ«K¥i«·s³ø¦Ò¡A¤£¦¸¼Æ¡C±ýª¾¹D§@µª®É¶¡¡BÃD¥ØÁ`¼Æ¡B¦X®æ¤À¼Æµ¥¸Ô²Ó¦Ò¸Õ¸ê®Æ¡A¥iÂsÄý¥»¤¤¤ßºô¶ "¦U¬ì¦Ò¸Õ¤À¼Æ¸ê®Æ"¡C |
| ½Òµ{¦WºÙ¡GPalo Alto Networks Certified Next-Generation Firewall Engineer °ê»Ú»{¥iÃҮѽҵ{ - ²ºÙ¡GPalo Alto Networks Firewall Training Course |
1. Device Management and Services
1.1 Firewall Management Interfaces
1.1.1 Management interfaces
1.1.2 Methods of access
1.1.3 Web interface
1.1.4 Panorama
1.1.5 XML API
1.1.6 Access restrictions
1.2 Introduction to PANOS
1.2.1 App-ID
1.2.2 Content-ID
1.2.3 Device-ID
1.2.4 User-ID
1.2.5 WildFire Inline ML
1.3 Deploying the VM-Series Firewall
1.3.1 VM-Series Models
1.3.2 Supported Deployments on VMware vSphere
1.3.3 VM-Series on VMware System Requirements and Limitations
1.3.4 Plan the Interfaces for the VM-Series for ESXi
1.3.5 Deploying the OVA for practice
1.3.6 Perform Initial Configuration on the VM-Series on ESXi
1.4 Licensing
1.4.1 License Types
1.4.2 Flexible vCPUs and Fixed Model Licensing
1.4.3 Flexible vCPUs and Fixed Model Deployment
1.4.4 When licenses expire
1.5 Deploying Palo Alto VM-Series Next Generation Firewall on Clouds
1.5.1 About the VM-Series Firewall on Azure
1.5.2 Azure Networking and VM-Series Firewall
1.5.3 VM-Series Firewall Templates on Azure Cloud
1.5.4 Deployments scenarios supported on Azure Cloud
1.5.5 Deploy the VM-Series Firewall from the Azure Marketplace (Solution Template)
2. Network Segmentation with Interfaces and Zones
2.1 Designing Network Segmentation for a Reduced Attack Surface
2.1.1 Background
2.2 Configure Interfaces and Zones
2.3 Configure a Basic Security Policy between Zones
2.3.1 Background information and General concepts of Security Policy
2.3.2 Detailed Firewall Packet processing flow
2.4 Assessing Network Traffic
2.5 Service Route
3. Firewall Administration
3.1 Understanding the Candidate Configuration
3.2 Save and Export Firewall Configurations
3.2.1 Saving a local backup
3.2.2 Exporting Configurations
3.3 Restoring and Reverting Firewall Configuration
3.3.1 Revert to the current running configuration (file named running-config.xml).
3.3.2 Revert to a previous version of the running configuration that is stored on the firewall
3.3.3 Revert to Custom-named candidate configuration snapshot
3.3.4 Revert to a running or candidate configuration that you previously exported to an external host
4. Administrative Accounts
4.1 Administrative Role Types
4.1.1 Role Based
4.1.2 Dynamic
4.2 Configuring Admin Role Profile
4.3 Inside an Admin Role Profile Construction
4.4 Create and Configure Firewall Administrator Account
4.5 Configure Tracking of Administrator Activity
5. Zone Protection and DoS Protection
5.1 Packet Buffer Protection
5.1.1 Global Packet Buffer Protection
5.1.2 Per-Zone Packet Buffer Protection
5.1.3 Packet Buffer Protection Based on Buffer Utilization
5.2 Zone Attacks
5.3 Zone Defense Tools
5.3.1 Zone Protection profiles
5.3.2 DoS Protection profiles and policy rules
5.3.3 Summary
5.3.4 Firewall Placement for DoS Protection
5.4 Configuring and Applying a Zone Protection Profile
5.4.1 Flood protection in Zone Protection profile
5.4.2 Reconnaissance Protection in Zone Protection profile
5.4.3 Packet-Based Attack Protection
5.4.4 Protocol Protection
5.4.5 Ethernet SGT Protection
5.4.6 L3 & L4 Header Inspection
5.4.7 Configure Email notification for Alerts
5.5 DoS Protection Profiles and Policy Rules
6. App-ID
6.1 Introduction to App-ID
6.2 Streamlined App-ID Policy Rules
6.2.1 Create an Application Filter Using Tags
6.2.2 Background information about Decryption and APP-ID policy inspection
6.2.3 Keys and Certificates for Decryption Policies
6.2.4 Configuring SSL Decryption with SSL Forward Proxy
6.2.5 Creating a Decryption Policy rule
6.2.6 Verify Decryption
6.3 Decryption Exclusions
6.3.1 Reasons to Exclude Web sites from being decrypted by PA firewall
6.3.2 Palo Alto Networks Predefined Decryption Exclusions
6.3.3 Exclude a Web Site from Decryption for Technical Reasons
6.3.4 Exclude a Web Site from Decryption for Compliance and Privacy Reasons
6.3.5 Temporarily Disable SSL Decryption
6.3.6 Decryption Log
7. Security Profiles
7.1 Antivirus Profile
7.2 Anti-Spyware profiles
7.2.1 Default profile
7.2.2 Strict profile
7.3 Vulnerability Protection profiles
7.4 URL Filtering Profiles
7.5 Data Filtering Profiles
7.5.1 Creating a Data Filtering Profile
7.6 File Blocking Profiles
7.6.1 Basic file blocking
7.6.2 Strict file blocking
8. External Dynamic List
8.1 Introduction to External Dynamic List
8.2 EDL Types
8.2.1 Predefined IP Address
8.2.2 Predefined URL List
8.2.3 IP Address
8.2.4 Domain
8.2.5 URL
8.2.6 Equipment Identity
8.2.7 Subscriber Identity
8.3 EDL Formatting
8.3.1 IP Address List
8.3.2 Domain List
8.4 Built-in External Dynamic Lists
8.4.1 Palo Alto Networks Bulletproof IP Addresses
8.4.2 Palo Alto Networks High-Risk IP Addresses
8.4.3 Palo Alto Networks Known Malicious IP Addresses
8.4.4 Palo Alto Networks Tor Exit IP Addresses
8.5 Configure the Firewall to Access an External Dynamic List
8.6 Enforce Policy on an External Dynamic List
8.7 Retrieve an External Dynamic List from the Web Server
8.8 Using EDL Hosting Service feeds
9. Advanced WildFire
9.1 Introduction
9.2 Available subscription options
9.2.1 WildFire
9.2.2 Advanced WildFire
9.2.3 Standalone WildFire API
9.3 WildFire Features
9.3.1 Real-Time Updates
9.3.2 Five-Minute Updates (All PAN-OS versions)
9.3.3 Advanced WildFire Inline ML¡X(PAN-OS 10.0 and later)
9.3.4 File Type Support
9.3.5 Advanced WildFire API
9.3.6 WildFire Private and Hybrid Cloud Support
9.3.7 Intelligent Run-time Memory Analysis
9.4 Advanced WildFire Concepts
9.4.1 Samples
9.4.2 Firewall Fo4warding
9.4.3 Advanced WildFire Analysis Environment
9.4.4 Advanced WildFire Inline ML
9.4.5 Advanced WildFire Verdicts
10. Managing Policy Objects
10.1 Address and Address Group Objects
10.1.1 How to tag objects
10.1.2 Address Object
10.1.3 Address Group object
10.2 Services
10.3 Application Filters
10.4 Application groups
10.5 Nesting application groups and filters
10.6 Application Characteristics
10.7 Policy Design and Evaluation
10.7.1 Create Security Policy Rules by App-ID instead of by Service
10.7.2 Rule Shadowing
10.7.3 Policy Usage statistics
10.7.4 Security Policy Rule Logging options
10.7.5 A Brief description of User-ID
10.7.6 Policy test match tool
10.7.7 Traffic Logging with Tap zone interface
10.7.8 Virtual Wire Interface
11. PAN-OS Networking Configuration
11.1 Configure interface
11.1.1 Layer 2
11.1.2 Layer 3
11.1.3 Virtual wire
11.1.4 Tunnel interfaces
11.1.5 Aggregate Ethernet (AE)
11.1.6 Management
11.2 Configure zones
11.3 Configure high availability (HA)
11.3.1 Active/active
11.3.2 Active/passive
11.3.3 Link and path monitoring
11.4 Configure routing
11.4.1 Dynamic routing protocols
11.4.2 Redistribution and policies
11.4.3 Route monitoring
11.4.4 Advanced Routing Engine
11.5 Configure GlobalProtect
11.5.1 Portals
11.5.2 Gateways
11.5.3 Authentication
11.5.4 Split tunneling
11.6 Configure tunnels
11.6.1 IPSec
11.6.2 Quantum-resistant cryptography
11.6.3 Generic Routing Encapsulation (GRE)
12. PAN-OS Device Setting Configuration
12.1 Implement authentication roles, profiles, and sequences
12.2 Configure virtual systems (VSYS)
12.2.1 Interfaces and zones
12.2.2 Virtual routers
12.2.3 Logical routers
12.2.4 Inter-VSYS routing and security
12.3 Configure logging
12.3.1 Strata Logging Service
12.3.2 Log forwarding
12.3.3 Log collectors and log collector groups
12.4 Implement PAN-OS software updates
12.5 Configure certificates
12.5.1 PKI integration
12.5.2 Authentication
12.5.3 SLS/TLS profiles
12.5.4 Decryption
12.5.5 Certificate profiles
12.6 Configure on-premises and Cloud Identity Engine User-ID
12.6.1 Group mapping and directory sync
12.6.2 User-to-IP mapping and user context
12.6.3 Redistribution and segments
12.7 Configure web proxy on PAN-OS
13. Introduction to Firewall Integration and Automation
13.1 Various deployment option
13.1.1 PA-Series
13.1.2 VM-Series
13.1.3 CN-Series
13.1.4 Cloud NGFW
13.1.5 AI Runtime Security
13.2 Use APIs to automate deployment
13.3 Manage third-party services to deploy NGFWs
13.4 Use on-premises centralized management
13.4.1 Panorama
13.4.2 Templates and device groups
13.4.3 Pre- and post-ruleset
13.5 Build Application Command Center (ACC) dashboards and custom reports
¥H¤U¦C¥X¨Ï¥Î PAN-OS ªº PA ¨t¦C Next Generation Firewall¡G
PA-220R Firewall
PA-400 Series Firewalls
PA-500 Firewall
PA-800 Series Firewalls
PA-1400 Series Firewalls
PA-3000 Series Firewalls
PA-3200 Series Firewalls
PA-3400 Series Firewalls
PA-5000 Series Firewalls
PA-5200 Series Firewalls
PA-5400 Series Firewalls
PA-5450 Firewall
PA-7000 Series Firewalls
VM (Virtual Machine) Series Firewalls
CN (Container) Series Firewall
