Get in touch 01006613113

Palo Alto Networks Next-Generation Firewall (NGFW)

About Course

Course Objectives

Understand NGFW Concepts: Explain the architecture, core features, and benefits of Palo Alto Networks Next-Generation Firewalls.

Deploy and Configure the NGFW: Perform initial setup, registration, and configuration of a Palo Alto firewall in both standalone and HA (High Availability) environments.

Manage Security Policies: Create, configure, and optimize security policies to control traffic based on applications, users, and content.

Implement App-ID, User-ID, and Content-ID: Use App-ID, User-ID, and Content-ID features to identify, control, and secure network traffic effectively.

Configure Network and NAT Policies: Design and implement Layer 3, Layer 2, and virtual wire deployments, including NAT configurations.

Enable Threat Prevention and URL Filtering: Configure and manage threat prevention, antivirus, anti-spyware, vulnerability protection, and URL filtering profiles.

Secure Remote Access: Implement GlobalProtect VPN for secure remote user access.

Monitor and Analyze Network Traffic: Use monitoring and logging tools and reports to analyze network activity and troubleshoot issues.

Perform Firewall Maintenance and Updates: Manage system updates, dynamic content updates, and configuration backups/restorations.

 

Course Outlines

Day 1: Introducing the Palo Alto Networks Ecosystem & Basic Firewall Setup

  • Welcome, introductions, course objectives, and setup of lab environment
  • Installation and initial configuration
  • Connecting firewall to network: zones, interfaces, and routing basics
  • Lab Exercise: configure interfaces + zones + basic connectivity

Day 2: Security Policy, NAT, and App-ID Fundamentals

  • Recap of Day 1 and Q&A
  • Security Policy Rules: concept of zones, sources/destinations, and rule order
  • NAT Policy: types of NAT, when to use, and configuration examples
  • App-ID: how the firewall identifies applications and how to use App-ID in policy
  • Lab Exercise: create security policies + NAT + App-ID filtering

Day 3: Threat Prevention, URL Filtering, WildFire, and User-ID

  • Recap of Day 2
  • Security Profiles and Threat Prevention: anti-virus, anti-spyware, and vulnerability protection
  • URL Filtering: categories and custom lists
  • WildFire/Unknown-Threat Handling: sandboxing and unknown malware
    detection
  • User-ID: identifying users and groups, integrating with directory services, and
    applying policies based on user identity

Day 4: Decryption, Logs & Reporting, Redundancy, and VPNs

  • Recap Day 3
  • SSL/TLS Decryption: why, how to configure inbound/outbound decryption
  • Logs & Reports: how to monitor firewall traffic, threat logs, generate
    reports
  • Redundancy: HA pair configuration, fail-over considerations
  • VPNs: site-to-site VPN, remote access VPN basics

Day 5: Putting It All together, Best Practices, and Troubleshooting Intro Topic

  • Recap Day 4
  • Best Practices for Deployment: segmentation, least privilege, logging strategy, update strategy
  • Intro to troubleshooting common issues and tools on Palo Alto firewall
  • Course Wrap-Up: review objectives
Download Schedule
Enroll Course

World Food Programme (WFP)

Our work with the World Food Programme (WFP) focused on enabling the effective adoption of digital field technologies and essential digital literacy capabilities. Participants utilized mobile-based data collection platforms within operational contexts, enhancing accuracy, consistency, and confidence in digital data handling. The engagement strengthened WFP’s ability to rely on digital tools to support field operations and humanitarian programs.

Raya

For Raya, we delivered technology enablement focused on automation-driven operations and scalable application development. Participants gained hands-on experience with automation technologies and modern front-end development frameworks, supporting more efficient processes and the delivery of flexible, high-performance digital solutions aligned with business growth objectives.

EgyptAir

Our engagement with EgyptAir focused on enabling the effective use of application development technologies alongside the adoption of cybersecurity and secure computing practices within operational environments. Participants worked with Microsoft-based development platforms and programming technologies while gaining practical exposure to secure application usage, access control mechanisms, and threat-aware system interaction. This integrated technology enablement supported more secure digital operations, improved system reliability, and reinforced cyber resilience across aviation technology environments.

Banque Misr

We collaborated with Banque Misr to enable integrated enterprise technology capabilities across multiple domains. The engagement supported effective utilization of IT infrastructure environments, data analytics platforms, and professional capability development frameworks, allowing teams to operate confidently within complex enterprise systems. Our delivery approach focused on practical technology adoption, operational alignment, and building sustainable competencies that support reliable banking services and informed, data-driven decision-making.

Course Booking Form