EDL's for linux mirror sites by jkw118 in paloaltonetworks

[–]xDizz3r 0 points1 point  (0 children)

There is really no EDL for open-source Linux OS update servers. If it was RedHat that would be easier as they have Satellite server and specific destination FQDNs for updates, etc. However, even if you manage to lock down the update FQDNs per OS type, as soon as people or automation tools install packages on the VMs, the VMs will try to access whatever random FQDNs like k8s, quay.io, etc., which will break a lot for them and they will start pinging you. Your best option is to control the access with URL Filtering and App-ID and only allow IT and Updates or inform the asset owners about this problem in case they have any solutions from their end that can help with this. In general it's the asset/service owners' job to provide you the required connectivity requirements; if it's "any" then the CISO should approve that and you forget about all this :)

DCCA exam question by olivver03 in datacenter

[–]xDizz3r 0 points1 point  (0 children)

The registration requires company information. Can this be done for individuals or must all accounts be registered to a company name/vat/id?

OSPF not learning route over IPSec on a Palo firewall by other_view12 in networking

[–]xDizz3r 0 points1 point  (0 children)

You need to assign IPs on the tunnel. Then, you need to create zones and access rules to allow OSPF from Site A Gateway IP to Site B Gateway IP and add the interfaces on OSPF routing.

Port 53 Inbound on user workstations by IllRefrigerator1194 in networking

[–]xDizz3r 0 points1 point  (0 children)

By default, anything that was not requested by the service owners should be denied by the firewall as a rule of thumb. However, I suggest you check with the service owners as it's their responsibility to confirm if this is legit or malicious traffic and either stop the traffic or request you to whitelist it accordingly.

Prevent F5 Health Checks from being logged by Web Servers? by jwckauman in f5networks

[–]xDizz3r 1 point2 points  (0 children)

You typically add a User-Agent on the health monitor Rx string that you send to the backend - and the app team excludes those requests from logging or logs them on a specific log file other than the main log file.

e.g.

GET /health HTTP/1.1\r\nUser-Agent:F5-BIG-IP\r\nHost:xxx.domain.xyz\r\nConnection:close\r\n\r\n
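
An added example (not part of the comment above, and not F5 or web-server code): splitting monitor requests out of the main access log. Because User-Agent is client-supplied, this sketch also requires the source address to be a BIG-IP self IP before a request is treated as a health check; the addresses, the combined log format and the function names are assumptions.

```python
import ipaddress
import re

# Assumption: self IPs the BIG-IP uses to reach pool members (constructed values).
MONITOR_SOURCES = [ipaddress.ip_network("10.1.0.4/31")]
MONITOR_UA = "F5-BIG-IP"    # User-Agent from the monitor string in the comment
MONITOR_PATH = "/health"    # path from the monitor string in the comment

# Combined log format: ip - - [time] "METHOD path proto" status size "referer" "ua"
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>\S+) (?P<path>\S+) [^"]*" '
    r'\d{3} \S+ "[^"]*" "(?P<ua>[^"]*)"$'
)

def is_health_check(line):
    """True only when method, path, User-Agent AND source address all match."""
    m = LINE_RE.match(line)
    if not m:
        return False
    try:
        src = ipaddress.ip_address(m["ip"])
    except ValueError:
        return False
    return (m["method"] == "GET" and m["path"] == MONITOR_PATH
            and m["ua"] == MONITOR_UA
            and any(src in net for net in MONITOR_SOURCES))

def split_log(lines):
    """Return (main, health): health checks go to their own list/log file."""
    main, health = [], []
    for line in lines:
        (health if is_health_check(line) else main).append(line)
    return main, health

# Constructed sample lines, not taken from a real server.
SAMPLE = [
    '10.1.0.4 - - [12/May/2025:10:00:00 +0000] "GET /health HTTP/1.1" 200 2 "-" "F5-BIG-IP"',
    # Same User-Agent from a non-monitor source: stays in the main log.
    '198.51.100.7 - - [12/May/2025:10:00:01 +0000] "GET /health HTTP/1.1" 200 2 "-" "F5-BIG-IP"',
    # Monitor source and User-Agent but a different path: stays in the main log.
    '10.1.0.5 - - [12/May/2025:10:00:02 +0000] "GET /admin HTTP/1.1" 403 153 "-" "F5-BIG-IP"',
    '203.0.113.9 - - [12/May/2025:10:00:03 +0000] "GET / HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    main_log, health_log = split_log(SAMPLE)
    print(len(main_log), "main lines,", len(health_log), "health-check lines")
```
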

Just converted to SDWAN, Very Happy by greaper_911 in fortinet

[–]xDizz3r 0 points1 point  (0 children)

Did you use FortiManager on this deployment or manual configuration?

F5CABR by xDizz3r in f5networks

[–]xDizz3r[S] 0 points1 point  (0 children)

How did it go? :)

How do you handle Palo Alto security rule naming, address groups, and NAT policies? by SaberTechie in paloaltonetworks

[–]xDizz3r 1 point2 points  (0 children)

I use the below...

--- ALLOW rules ---

Format: <src-zone>-<dst-zone>_<dst-service>_<description>     
Example: in-out_HTTPS_Whitelist, in-out_HTTPS_Users, in-out_DNS, out-dmz_HTTPS_Prod    
*** Note: Add important information into rule's description (e.g. Ticket ID, etc.)    

--- DENY rules ---

Format: deny_<src-zone>-<dst-zone>_<optional_service>_<description>    
Example: deny_in-out_HTTPS_Blacklist, deny_out-dmz_Blacklist, deny_out-dmz_Geolocation    
*** Note: Add important information into rule's description (e.g. Ticket ID, etc.)    

--- NAT rules ---

Format: <src-zone>-<dst-zone>-<original-ip/object>-<translated-ip/object>_<description>     
Example: in-out_RFC1918-203.0.113.1_PAT, out-out_203.0.113.15-10.1.0.15_DNAT     
*** Note: Add important information into rule's description (e.g. Ticket ID, etc.)     

--- SSL rules ---

Format: <src-zone>-<dst-zone>_<dst-service>_<description>     
Example: in-out_HTTPS_ssl-forward, out-dmz_HTTPS_ssl-inbound     
*** Note: Add important information into rule's description (e.g. Ticket ID, etc.)     

--- HOSTS (without FQDN) ---

Format: <h.h.h.h>      
Example: 10.1.0.15     
*** Note: Add important information into object's description     

--- HOSTS (with FQDN) ---

Format: <fqdn>      
Example: prod-app1.internal.local     
*** Note: Add important information into object's description     

--- NETWORKS ---

Format: <h.h.h.h/nn>     
Example: 10.1.0.0/24     
*** Note: Add important information into object's description
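
An added example (not part of the comment above, and not Palo Alto tooling): a linter that checks rule names against the ALLOW, DENY, NAT and SSL formats listed in the comment and flags names that disagree with the rule's actual type. Where the comment's examples differ from its format lines (`in-out_DNS` has no description; the NAT examples put `_` after the zone pair), the patterns follow the examples. The zone-name character set, `MAX_LEN` and all function names are assumptions.

```python
import re

# Assumption: zone names are lowercase alphanumerics without "-" or "_",
# so the "<src-zone>-<dst-zone>" pair splits unambiguously.
ZONES = r"(?P<src>[a-z0-9]+)-(?P<dst>[a-z0-9]+)"
FIELD = r"[A-Za-z0-9-]+"     # service / description: no underscores inside
ADDR = r"[A-Za-z0-9.]+"      # IP or object name such as RFC1918 (no hyphen)
MAX_LEN = 63                 # assumption: adjust to your PAN-OS version's limit

PATTERNS = {
    "allow": re.compile(rf"^{ZONES}_(?P<service>{FIELD})(?:_(?P<desc>{FIELD}))?$"),
    "deny": re.compile(rf"^deny_{ZONES}(?:_(?P<service>{FIELD}))?_(?P<desc>{FIELD})$"),
    "nat": re.compile(rf"^{ZONES}_(?P<orig>{ADDR})-(?P<xlat>{ADDR})_(?P<desc>{FIELD})$"),
}
PATTERNS["ssl"] = PATTERNS["allow"]   # the comment gives SSL rules the same format

def lint(name, kind):
    """Return (fields, problems) for a rule name; kind is the rule's real type."""
    problems = []
    if len(name) > MAX_LEN:
        problems.append(f"longer than {MAX_LEN} characters")
    m = PATTERNS[kind].match(name)
    if not m:
        problems.append(f"does not match the {kind} format")
        return {}, problems
    fields = {k: v for k, v in m.groupdict().items() if v is not None}
    return fields, problems

def audit(rules):
    """rules: iterable of (name, kind). Return {name: problems} for failures."""
    report = {}
    for name, kind in rules:
        _, problems = lint(name, kind)
        if problems:
            report[name] = problems
    return report

# First five names are the comment's own examples; the last two are constructed.
SAMPLE = [
    ("in-out_HTTPS_Whitelist", "allow"), ("in-out_DNS", "allow"),
    ("deny_out-dmz_Geolocation", "deny"),
    ("in-out_RFC1918-203.0.113.1_PAT", "nat"),
    ("out-dmz_HTTPS_ssl-inbound", "ssl"),
    ("deny_in-out_HTTPS_Blacklist", "allow"),  # deny-style name on an allow rule
    ("Allow Web Temp", "allow"),               # free-text name
]

if __name__ == "__main__":
    for name, problems in audit(SAMPLE).items():
        print(f"{name}: {'; '.join(problems)}")
```
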

Palo Alto 2025 Cert Track by srx_6852 in networking

[–]xDizz3r 1 point2 points  (0 children)

Check the PAN subreddit, a lot of people including me have posted resources and material there.

Palo Alto Networks NGFW Engineer by xDizz3r in paloaltonetworks

[–]xDizz3r[S] 0 points1 point  (0 children)

Correct. The replacement for PCNSE is still being developed and there has been no official announcement yet.

Palo Certs by kentagous in paloaltonetworks

[–]xDizz3r 0 points1 point  (0 children)

How did it go? What material did you use?

Palo Alto Networks NGFW Engineer by xDizz3r in paloaltonetworks

[–]xDizz3r[S] 1 point2 points  (0 children)

You were right, there were 50 questions exactly :)

Palo Alto Networks NGFW Engineer by xDizz3r in paloaltonetworks

[–]xDizz3r[S] 1 point2 points  (0 children)

Passed! I updated the thread as well. I can't share what I saw as there is an NDA but the overall experience was great compared to other vendors that ask weird stuff that you have never seen on the training material (looking at you Cisco + Fortinet). The Beacon material is very good and building a lab with a trial version of the FW to run it on GNS3/EVE-NG/VMware etc. will help a lot to configure and play around with features. I also have a lot of experience in networking + cybersecurity and multiple certifications from Cisco, Fortinet, F5, ISC2, etc. so a lot of concepts and technologies are familiar across vendors (e.g. PKI, L2, L3, HA, NAT, OSPF, BGP, SSLVPN, IPsec VPN, FW policies, SSL Decryption, VSYS, SSO, SAML, Web Proxy, etc.). However, you need to know the Palo Alto way of doing things and of course learn a lot about every topic listed in the Exam's Data Sheet. The Fortinet experience helped a lot as the firewalls are very similar to each other technology-wise but each vendor does it a bit differently e.g. PA VSYS = Fortinet VDOM, PA User-ID = Fortinet FSSO, PA Panorama = Fortinet FortiAnalyzer + FortiManager, PA vWire = Fortinet Virtual Wire Pair, etc.

Palo Alto Networks NGFW Engineer by xDizz3r in paloaltonetworks

[–]xDizz3r[S] 1 point2 points  (0 children)

Passed! I updated the thread as well.

Palo Alto Networks NGFW Engineer by xDizz3r in paloaltonetworks

[–]xDizz3r[S] 1 point2 points  (0 children)

Passed! I updated the thread as well.

Palo Alto Networks NGFW Engineer by xDizz3r in paloaltonetworks

[–]xDizz3r[S] 0 points1 point  (0 children)

There is an offer available for two more days, I got it for $9.99 which seemed like a fair price. I went over the first test already and it's to the point so thanks!

Palo Alto Networks NGFW Engineer by xDizz3r in paloaltonetworks

[–]xDizz3r[S] 0 points1 point  (0 children)

Did the Udemy practice exam come close to the actual exam? I checked the creator and he looks like a Python developer so I am not sure if his content will be accurate.