GNS3, Network and Enterprise Security

Palo Alto Next-Generation Firewall (NGFW) Deployment

PALO ALTO

PLATFORM: GNS3, VMWARE WORKSTATION PRO

IMAGES: PAN-OS 7.0.1, Windows Server 2012 R2, Pulse Secure DTE Virtual Appliance, Cisco IOSv, Cisco IOSvL2, Firefox Appliance, Ethernet switch, NAT Cloud, PC.

Description:

  • Configured Zones on Palo Alto FW and assigned interfaces to these zones to segment the network and to inspect and control the traffic passing through it based on created Security Policy rules.
  • Configured Layer 3 tagged sub-interfaces to support 802.1Q header tagging and bi-directional NAT64 translation to allow IPv6 hosts on the inside zone to access the IPv4 internet.
  • Configured App-ID for granular control of traffic, URL Filtering to restrict users from accessing out-of-policy websites, and Antivirus, File Blocking, Data Filtering and Anti-Spyware profiles to prevent malicious traffic.
  • Deployed Windows Server 2012 R2 for SBR, AD, LDAP, PKI and RSA services and integrated Pulse Secure with Palo Alto NGFW to provide SSL VPN services for remote access and identity-based policies.
  • Implemented High Availability with Active-Active deployment, where both devices are active and are performing asymmetric routing of traffic.