Configuration Management
The purpose of the running and candidate firewall configurations
Running Configuration
• Configuration settings currently active on the firewall (maintained in a file on the firewall named running-config.xml)
Candidate Configuration
• Configuration changes in progress but not yet active on the firewall (all in-progress edits are made to the candidate configuration)
Candidate --> COMMIT --> Running. A commit overwrites the current running configuration and activates the configuration changes. Previous running configurations are labelled and timestamped.
A commit writes the configuration to control-plane and data-plane memory.
Firewall Configuration Actions
Manage firewall configuration
Device > Setup > Operations
Configuration management operations are global in scope. Revert, Save and Load operate locally on the firewall.
Export and Import move XML-formatted configuration files to and from the host running the web interface. Panorama can be used to build and distribute configurations (a combination of exporting, copying, editing and importing XML files in bulk).
At boot, the latest configuration on disk is loaded into the candidate configuration in control-plane memory.
Save the current candidate configuration to an XML file on disk by clicking Save named configuration snapshot.
Full Commit
Requires the proper permissions.
Per-Admin Commit
Commits the changes of one administrator only, or of a selected group of other administrators.
Commit Changes Made By (admin or location)
Commit For Other Admins
Performed by a Superuser or by an Admin role that has these privileges.
Commit Status Window
Two tabs are Commit and Rule Shadow
Use Tasks to reopen the Commit Status window for that commit operation.
Per-Administrator Save and Revert
Saves or reverts an administrator's own changes, or the changes of a selected group of other administrators, in the default XML file. Each change is tagged with information about the administrator who made it.
Preview and Validate Configuration Changes
Compare candidate and running config; Change Summary; Validate Commit (performs a syntactic and semantic validation of the firewall candidate configuration; use it to find and fix errors before committing).
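An added example, not from these notes or from Palo Alto Networks, of the idea behind the candidate-versus-running comparison and change summary: two constructed, simplified PAN-OS-style XML snapshots are flattened into leaf paths and the script reports what a commit would add, remove or change. The XML layout and the rule names are assumptions made for the example.

```python
# Added example: a change summary between a running and a candidate
# configuration snapshot, in the spirit of the web interface's Compare and
# Change Summary. Both XML documents are constructed and simplified; they
# are not real PAN-OS exports, and the rule names are made up.
import xml.etree.ElementTree as ET

RUNNING_XML = """<config><devices><entry name="localhost.localdomain"><vsys>
<entry name="vsys1"><rulebase><security><rules>
  <entry name="allow-web"><action>allow</action>
    <service><member>service-http</member><member>service-https</member></service></entry>
  <entry name="deny-all"><action>deny</action></entry>
</rules></security></rulebase></entry></vsys></entry></devices></config>"""

CANDIDATE_XML = """<config><devices><entry name="localhost.localdomain"><vsys>
<entry name="vsys1"><rulebase><security><rules>
  <entry name="allow-web"><action>allow</action>
    <service><member>any</member></service></entry>
  <entry name="temp-allow"><action>allow</action></entry>
</rules></security></rulebase></entry></vsys></entry></devices></config>"""


def flatten(xml_text):
    """Map each leaf path to the sorted list of its text values.

    Repeated siblings such as <member> share one path, so a member list
    compares equal regardless of element order."""
    leaves = {}

    def walk(elem, path):
        name = elem.get("name")  # entries are keyed by their name attribute
        path = f"{path}/{elem.tag}[{name}]" if name else f"{path}/{elem.tag}"
        children = list(elem)
        if not children:
            leaves.setdefault(path, []).append((elem.text or "").strip())
        for child in children:
            walk(child, path)

    walk(ET.fromstring(xml_text), "")
    return {p: sorted(v) for p, v in leaves.items()}


def change_summary(running_xml, candidate_xml):
    """Return the leaf paths a commit would add, remove or change."""
    run, cand = flatten(running_xml), flatten(candidate_xml)
    return {
        "added": sorted(p for p in cand if p not in run),
        "removed": sorted(p for p in run if p not in cand),
        "changed": sorted(p for p in run if p in cand and run[p] != cand[p]),
    }
```

Running `change_summary(RUNNING_XML, CANDIDATE_XML)` shows the new temp-allow rule as added, the deny-all rule as removed, and the allow-web service list as changed from the two HTTP services to any, which is exactly the kind of broadening a reviewer wants to see before committing.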
Transaction Locks and Multiple Administrators
While an administrator holds a lock, other administrators cannot change the configuration or commit changes until the lock is removed.
View firewall logs
View and filter firewall logs (with focus on System and Configuration logs because they are updated when managing firewall configurations)
Monitor>Logs
A time-stamped file that provides an audit trail for system events on the firewall or for network traffic events that the firewall monitors. Log entries record properties, activities or behaviours associated with the logged event, such as the application type or the IP address of an attacker.
View and Filter a Log
Monitor > Logs > System
Filter a Log Using the Filter Builder
Monitor > Logs > Traffic
1. For guidance on continuing to deploy the security platform features to address your network security needs, review the PAN-OS Administrator's Guide section titled ______________________________________________.
Set Up a Basic Security Policy
Best Practices for Completing the Firewall Deployment
Register the Firewall
Best Practices for Securing Administrative Access
2. In the web interface, what is signified when a text box is highlighted in red?
The value in the text box is required
The value in the text box is controlled by Panorama
The value in the text box is optional
The value in the text box is an error
The answer is: The value in the text box is required
3. True. By default, the firewall uses the management (MGT) interface to access external services, such as DNS servers, external authentication servers, and Palo Alto Networks services such as software and URL updates, licenses and AutoFocus.
4. True. Service routes can be used to configure an in-band port to access external services.
5. The Gartner Magic Quadrant for Network Firewalls rates companies on:
Regulatory Compliance / Intellectual Properties
Ability to Execute / Completeness of Vision
Growth Potential / Profitability
6. Which attribute is associated with the dedicated out-of-band network management port in Palo Alto Networks firewalls?
Cannot be configured as a standard traffic port
Supports only SSH connections
Supports DHCP only
Requires a static, non-DHCP network configuration
7. Which command will reset a next-generation firewall to its factory default settings if you know the admin account password?
reset startup-config
request system private-data-reset
reload
reset system settings