Palo Alto and Panorama - Hardening the Configuration
Hardening Palo Alto Firewall and Panorama (Hardening Network Devices)
As per Hardening Network Devices National Security Agency Cybersecurity Information, below points are covers in this Course.
The possibility of unwanted access to a network's infrastructure is decreased by hardening network equipment. A malicious cyber actor might take advantage of flaws in device management and configurations to establish presence and maintain persistence within a network. Adversaries are increasingly focusing on targeting specialized and embedded devices, such as routers and switches, rather than only standard endpoints. They achieve this by managing routing protocols, exploiting configuration flaws, and introducing malware into the operating systems.
- In the cybersecurity world, that means making that device more secure and resilient to attacks. By hardening a device, you are making it more difficult to break into for hackers.
- Minimizing attack surface, or surface of vulnerability, and potential attack vectors
- Hardening the Firewall Configuration
- Hardening the Network devices Firewalls, Routers and Switches etc
- The possibility of unwanted access to a network's infrastructure is decreased by hardening network equipment.
- Management interface is kept secure, and access is limited to only those administrators that need access.
- Accessing internet resources from offline management
- Admin accounts also need to be set so they only have access to the sections of the configuration they need to access and use external authentication.
- Password security
- Keep Content and Software Updates Current Patch vulnerability
- Set up notifications for system and configuration log messages
- Monitor system and configuration logs
Practical Firewall Penetration Testing
Firewall penetration testing is the process of locating, investigating and penetrating a certain firewall in order to reach the internal trusted network of a certain system.
Mostly considered to be a key part in external network penetration testing, firewall In this video we discussed the below points.
- Locating The Firewall
- Conducting Traceroute
- Port Scanning
- Banner Grabbing
- Firewall Enumeration Testing
- The Firewall Policy
- Firewalking
- How to identify Firewall Specific Vulnerabilities
- Firewall Penetration Test Process/Checklist
Below Tools used during:
- NMAP
- HPING3
- Firewalk
- Network audit tool
- Tracert
- Traceroute
This course also covered the Best Deployment practices Hardening Network Devices used in the industry and some real-world scenarios including the Tips and Tricks. You will definitely learn a lot in this course and will surely find this valuable.