Panorama: NGFW Management

Course code: PNGFWM

The Palo Alto Networks Panorama: NGFW Management course is an instructor-led training that will help you to:

  • Learn how to design, configure and manage the Panorama FireWall management server
  • Gain experience in how to centrally manage policies using device groups
  • Learn how to rollout network and device configuration to many FireWalls using templates and template variables
  • Gain experience with administration, log collection, as well as logging and reporting
  • Become familiar with planning and design considerations for Panorama deployment

 

960 EUR

1 162 EUR including VAT

The earliest date from 31.03.2025

Selection of dates
onas
Do you have a question?
+420 731 175 867 edu@edutrainings.cz

Professional
and certified lecturers

Internationally
recognized certifications

Wide range of technical
and soft skills courses

Great customer
service

Making courses
exactly to measure your needs

Course dates

Starting date: 31.03.2025

Guaranteed

Type: Virtual

Course duration: 4 days

Language: en

Price without VAT: 960 EUR

Starting date: 28.04.2025

Guaranteed

Type: Virtual

Course duration: 2 days

Language: en

Price without VAT: 960 EUR

Register

Starting date: 03.06.2025

Guaranteed

Type: Virtual

Course duration: 4 days

Language: en

Price without VAT: 960 EUR

Register

Starting date: 16.06.2025

Type: Virtual

Course duration: 2 days

Language: en

Price without VAT: 960 EUR

Register

Starting date: 30.06.2025

Type: Virtual

Course duration: 4 days

Language: en

Price without VAT: 960 EUR

Register

Starting date: 28.07.2025

Type: Virtual

Course duration: 4 days

Language: en

Price without VAT: 960 EUR

Register

Starting date: 11.08.2025

Guaranteed

Type: Virtual

Course duration: 4 days

Language: en

Price without VAT: 960 EUR

Register

Starting date: 08.09.2025

Type: Virtual

Course duration: 2 days

Language: en

Price without VAT: 960 EUR

Register

Starting date: 01.12.2025

Type: Virtual

Course duration: 2 days

Language: en

Price without VAT: 960 EUR

Register

Starting date: Upon request

Type: In-person/Virtual

Course duration: 2 days

Language: en/cz

Price without VAT: 960 EUR

Register

Starting
date
Place
Type Course
duration
Language Price without VAT
G 31.03.2025 Virtual 4 days en 960 EUR
G 28.04.2025 Virtual 2 days en 960 EUR Register
G 03.06.2025 Virtual 4 days en 960 EUR Register
16.06.2025 Virtual 2 days en 960 EUR Register
30.06.2025 Virtual 4 days en 960 EUR Register
28.07.2025 Virtual 4 days en 960 EUR Register
G 11.08.2025 Virtual 4 days en 960 EUR Register
08.09.2025 Virtual 2 days en 960 EUR Register
01.12.2025 Virtual 2 days en 960 EUR Register
Upon request In-person/Virtual 2 days en/cz 960 EUR Register
G Guaranteed course

Didn't find a suitable date?

Write to us about listing an alternative tailor-made date.

Contact

Course description

This training is a specialised course for the Panorama management solution to centrally manage FireWalls at scale. It not only teaches the features and functionalities of Panorama but also provides guidance on how to design a distributed firewall network that is managed from a central location.

Target group

  • Security Architects
  • Security Administrators
  • Security Operations Specialists
  • Security Analysts
  • Security Engineers

Course structure

Adding New Firewalls to Panorama

  • Add a FireWall
  • Automated Commit recovery
  • Automatically Add multiple FireWalls via CSV import
  • Tagging
  • Organizing Summary Information
  • Secure Communication Settings
  • Manage device licenses
  • Master key

Upgrade firewalls from Panorama

 

Deploy Content ID Updates to firewalls from Panorama

 

Lab

  • Set location for firewalls
  • Copy serial firewall numbers
  • Configure firewalls to communicate with Panorama
  • Add firewalls to Panorama
  • Modify Summary Window columns
  • Assign firewall Tags
  • Verify firewall licenses
  • Schedule Dynamic Updates for firewalls

Panorama solution overview

 

Deployment options

 

Panorama platforms

 

Register and License Panorama

 

GUI overview

 

Panorama License and Software update

 

Plugin Architecture

 

Services and Interface Configuration

 

Panorama Commits

 

Configuration Management

  • Config Operations
  • Manage Backup incl. export device state from FireWall
  • Config export

Lab

  • Lab Overview
  • Connect to the lab environment
  • Log in to the Panorama appliance and both firewalls
  • Document configuration and license information
  • Configure Panorama Management Interface
  • Configure Panorama Settings
  • Schedule automatic config exports
  • Schedule Content Updates
  • Save and export Panorama configuration
  • Commit changes

Templates overview

 

Configuring templates

  • Device configuration via template
  • Local overwrite

Template Variables

  • Overview
  • Configuration

Real-life use cases and best practices

 

Lab

  • Create templates
  • Create template stacks
  • Create template variables
  • Push the template stack to managed devices

Device groups overview

 

Configuring Device Groups

  • Setup Device-group hierarchy
  • Group and push to HA Peers

Objects

  • Create an object – shared/disable override
  • Override
  • Move
  • Device Group and template mapping

Policies

  • Rules Hierarchy
  • Rulebase structuring
  • Configure rules
  • Move Rules
  • Rulebase preview
  • Unused Rules
  • Policy rule targets

Rule changes archive

  • Audit Comments
  • Tag-Based Rule Groups

Real-life use cases and best practices

 

Lab

  • Create device groups
  • Configure device group settings

Design Considerations for Deployment

 

Log storage and retention

  • Determine the Log Rate
  • Storage calculation
  • Log retention

Planning Considerations

 

Panorama log event forwarding

 

Lab

  • Configure log forwarding on the firewalls
  • Configure log settings on the firewalls
  • Confirm log forwarding

Customizing Log Tables

 

Using Filters in Log Tables

 

Exporting Filtered Data

 

Lab

  • Customize Log Tables in Panorama
  • Create and Apply Filters in Log Tables
  • Export Filtered Data

Authenticating Panorama administrators

 

Panorama authentication methods

 

Admin Role

 

Creating Administrative Accounts

  • Custom Panorama Admin incl. Admin Role
  • Device Group and Template Admin incl. Access Domain and Admin Role
  • Password Profile and Password Complexity

External Authentication

  • Authentication Profile
  • LDAP Server Profile

Concurrent Administration

  • Config Lock

Lab

  • Create LDAP and RADIUS Server Profiles
  • Configure Authentication Profiles for LDAP and RADIUS
  • Configure admin roles
  • Configure admin accounts
  • Create access domains
  • Demonstrate the use of commit locks

Data Sources Used by Panorama

 

Operational Information Available in Panorama

 

Reporting Capabilities in Panorama

 

Lab

  • Examine Panorama ACC data
  • Run reports on Panorama
  • Explore App Scope
  • Identify and respond to threats

Health and Summary Information of Managed Firewalls

 

Troubleshooting Communication Issues with Panorama

 

Troubleshooting Commit Errors

 

Test policy functionality

 

Lab

  • Troubleshoot connectivity issues with a firewall
  • Troubleshoot various commit errors
  • Troubleshoot loss of internet connectivity

This is an additional module which is not part of the official course. The instructor will demo the import of an existing FireWall’s local configuration into Panorama and explain various caveats.

 

Overview of Use Cases

  • Import existing FireWall if Panorama wasn’t used so far
  • Import local config after FireWall migration
  • Import FireWall config that has been partially managed by Panorama

Config import incl. caveats

  • Dependency on Device config
  • Caveats on fine-tuning the config
  • Disable config sync in a HA cluster

Prerequisites

The “Firewall Configuration and Management” (EDU-210) course or equivalent practical experience working with the Palo Alto Networks Next-Generation FireWall is a recommended ​prerequisite to taking this Palo Alto panorama training. Students also should be familiar with basic security concepts. Familiarity with networking concepts, including routing, switching, and IP addressing, is recommended.

Do you need advice or a tailor-made course?

onas

product support

Certification

The Panorama: NGFW Management course covers parts of the content required for the PCNSE “Palo Alto Networks Certified Network Security Engineer” certification.

The recommended enablement path for the PCNSE certification is first to take the “Firewall: Configuration and Management” (EDU-210) course followed by the Panorama: NGFW Management and the “Firewall Troubleshooting” (EDU-330) in either order.

ComGate payment gateway MasterCard Logo Visa logo