Preferred method of contact:

(PA-210) Firewall 8.0: Essentials - Configuration and Management



Course Number



5 Days

PDF Add to WishList

The Palo Alto Networks Firewall 8.0 Essentials: Configuration and Management (210) course is five days of instructor-led training that will enable you to:

  • Configure and manage the essential features of Palo Alto Networks® next- generation firewalls
  • Configure and manage GlobalProtect to protect systems that are located outside of the data center perimeter
  • Configure and manage firewall high availability
  • Monitor network traffic using the interactive web interface and firewall reports

You Will Learn How To

Successful completion of this five-day, instructor-led course will enhance the student’s understanding of how to configure and manage Palo Alto Networks® next-generation firewalls. The student will learn and get hands-on experience configuring, managing, and monitoring a firewall in a lab environment.

Important Course Information

  • Requirements

    • Students must have a basic familiarity with networking concepts including routing, switching, and IP addressing. Students also should be familiar with basic security concepts. Experience with other security technologies (IPS, proxy, and content filtering) is a plus.

    Learning Tree Training Vouchers cannot be used to pay for the tuition fee for this course.

    This course is delivered by a Learning Tree approved training partner.

Course Outline

  • Module 1: Platforms and Architecture
  • Security platform overview
  • Next-generation firewall architecture
  • Zero Trust security model
  • Public cloud security
  • Firewall offerings
  • Module 2: Initial Configuration
  • Administrative controls
  • Initial access to the system
  • Configuration management
  • Licensing and software updates
  • Account administration
  • Viewing and filtering logs
  • Module 3: Interface Configuration
  • Security zones and interfaces
  • Tap interfaces
  • Virtual Wire interfaces
  • Layer 2 interfaces
  • Layer 3 interfaces
  • Virtual routers
  • VLAN interfaces
  • Loopback interfaces
  • Policy-based forwarding
  • Module 4: Security and NAT Policies
  • Security policy fundamental concepts
  • Security policy administration
  • Network Address Translation
  • Source NAT configuration
  • Destination NAT configuration
  • Module 5: App-ID™
  • Application Identification (App-ID) overview
  • Using App-ID in a Security policy
  • Identifying unknown application traffic
  • Updating App-ID
  • Module 6: Basic Content-ID™
  • Content-ID overview
  • Vulnerability Protection Security Profiles
  • Antivirus Security Profiles
  • Anti-Spyware Security Profiles
  • File Blocking Profiles
  • Attaching Security Profiles to Security policy rules
  • Telemetry and threat intelligence
  • Denial of service protection
  • Module 7: URL Filtering
  • URL Filtering Security Profiles
  • Attaching URL Filtering Profiles
  • Module 8: Decryption
  • Decryption concepts
  • Certificate management
  • SSL Forward Proxy decryption
  • SSL Inbound Inspection
  • Other decryption topics:
    • Unsupported applications
    • No decryption
    • Decryption port mirroring
    • Hardware security modules
    • Troubleshooting SSL session terminations
  • Module 9: WildFire™
  • WildFire concepts
  • Configuring and managing WildFire
  • WildFire reporting
  • Module 10: User-ID™
  • User-ID overview
  • User mapping methods overview
  • Configuring User-ID
  • PAN-OS® Integrated agent configuration
  • Windows-based agent configuration
  • Configuring group mapping
  • User-ID and Security policy
  • Module 11: GlobalProtect™
  • GlobalProtect overview
  • Preparing the firewall for GlobalProtect
  • Configuration: GlobalProtect Portal
  • Configuration: GlobalProtect Gateway
  • Configuration: GlobalProtect agents
  • Module 12: Site-to-Site VPNs
  • Site-to-site VPN
  • Configuring site-to-site tunnels
  • IPsec troubleshooting
  • Module 13: Monitoring and Reporting
  • Dashboard, ACC, and Monitor
  • Log forwarding
  • Syslog
  • Configuring SNMP
  • Module 14: Active/Passive High Availability
  • HA components and operation
  • Active/passive HA configuration
  • Monitoring HA state
  • Module 15: What’s Next
  • Operational guidelines
  • Analyzing ACC information
  • Optimizing Security Profiles
Show complete outline
Show Less

Convenient Ways to Attend This Instructor-Led Course

In the Classroom

Live, Online

Private Team Training

In the Classroom — OR — Live, Online

Tuition Fee — Standard: £3495  

20 - 24 Jul ( 5 Days)
9:30 AM - 5:00 PM BST
London / Online (WebEx) London / Online (WebEx) Reserve Your Seat

Guaranteed to Run

When you see the "Guaranteed to Run" icon next to a course event, you can rest assured that your course event — date, time — will run. Guaranteed.

Private Team Training

Enrolling at least 3 people in this course? Consider bringing this (or any course that can be custom designed) to your preferred location as a private team training.

For details, call 0800 282 353 or Click here »

This event has been added to your cart.

Tuition Fee


In Classroom or



Private Team Training

Contact Us »

Training Hours

Standard class hours:
9:30 a.m. - 5:00 p.m.

- ,


Please Choose a Language

Canada - English

Canada - Français