Course outline

Traps 4.2: Deploy and Optimize

Categories: Guaranteed To Run™, Palo Alto Networks

Palo Alto Networks

Duration: 2 Days

Palo Alto Networks® Traps™ Advanced Endpoint Protection prevents sophisticated vulnerability exploits and unknown malware-driven attacks. Successful completion of this two-day, instructor-led course should prepare the student to deploy on-premise Traps in large-scale or complex configurations and optimize its configuration.

Students should learn how to design, build, implement, and optimize large-scale Traps deployments: those with multiple servers and/or thousands of endpoints. In hands-on lab exercises, students will distribute Traps endpoint software in an automated way, prepare master images for VDI deployment, create a Traps Linux installation package and install the agent onto a Linux endpoint, build multi-ESM deployments, design and implement customized policies, test Traps with exploits created using Metasploit, and examine prevention dumps with windbg.

Students should have completed “Traps 4.2: Install, Configure, and Manage” or (for Palo Alto Networks employee and partner SEs) “PSE: Endpoint Associate” training. Windows system administration skills and familiarity with enterprise security concepts also are required. An elementary level of Linux shell experience is needed only for the Linux lab activity.

Security Engineers, System Administrators, and Technical Support Engineers

Module 1: Scaling Server Infrastructure

  • Small site architectures
  • Large site architectures
  • TLS/SSL deployment considerations
  • Installing and configuring the Linux agent

Module 2: Scaling Agent Deployment

  • Distributing Traps via GPO
  • Configuring Virtual Desktop Infrastructure with Traps

Module 3: ESM Tuning

  • Tuning ESM settings
  • External logging and SIEM integration
  • Role-based access control (RBAC)
  • Virtual groups
  • Defining conditions
  • Tuning policies
  • Implementing ongoing maintenance

Module 4: Windows Migrations for Traps

  • SQL database migration
  • SSL certificate migration

Module 5: Advanced Traps Forensics

  • Best practices for managing forensic data
  • Agent queries
  • Resources for malicious software testing
  • Exploit challenge testing with Metasploit
  • Exploit dump analysis with windbg

Module 6: Advanced Traps Troubleshooting

  • ESM and Traps architecture
  • Troubleshooting scenarios using dbconfig and cytool
  • Troubleshooting application compatibility and BITS connectivity

Feel free to contact us, if you want to know the price and location of this course. A Digital Revolver representative will contact you shortly to help you with your inquiry.
Please fill out the form below

  • Guaranteed to Run™. This ensures you will attend the instructor led class or live online class you want as scheduled without any disruptive cancellations*. You book the training you need, get back to focusing on your job and are sure your training requirements will be met saving time, money and ensuring peace of mind.
  • This schedule icon the schedule indicates that this date/time will be conducted as Instructor Led Training (ILT) or a Virtual Instructor Led Training (VILT) depending on the indicated class availablity.
Privacy and Cookies

This website stores cookies on your computer which help us make the website work better for you.

Learn moreAccept and Close
Social media & sharing icons powered by UltimatelySocial