Professional Documents
Culture Documents
4-Initial Firewall Configuration
4-Initial Firewall Configuration
CONFIGURATION
• Administrative controls
• Initial system access
• Configuration management
• Licensing and software updates
• Account administration
EDU-210 Version A
PAN-OS® 9.0 • Viewing and filtering logs
Agenda
After you complete this module,
you should be able to:
Configuration management
Account administration
• Default access:
• Username: admin
• Password: admin
Commit Configuration
Changes Help
Portal
Logout Tasks
Button Button
Yellow highlights
indicate required fields.
OK button is unavailable
if required information is
missing or is invalid.
Configuration management
Account administration
Minimum configuration
Restrict administrative
requires IP address,
access to specific
netmask, and default
IP addresses
gateway.
default
MGT
External Services
Update servers
DNS servers
optional NTP servers
ethernet n/n Etc.
Firewall
Configuration management
Account administration
Data-plane Running
memory Configuration
Running commit
Control-plane Configuration Candidate
revert
memory auto-commit Configuration
boot
save named
export load named MGT
.xml files
import
admin1 admin2
Save
Save named
candidate
configuration snapshot
configuration
Commit
Configuration management
Account administration
1. Check Now to
list new
software.
2. Download from
update server
or Upload from
local machine.
3. Install
software.
Configuration management
Account administration
Password
maintained in
external service
Authentication Profile:
• Communicate with authentication No
server
Password
Login fail authentication
Authentication Sequence: checked
• List of Authentication Profiles
No No
Check Active
Directory,
then RADIUS
Configuration management
Account administration
Q
Q &&
AA
43 | © 2019 Palo Alto Networks, Inc.
Initial Configuration Lab (Pages 11-23 in the Lab Guide)
• Load a firewall lab configuration file
• Create an admin role
• Create an administrator account
• Manage commit locks
• Manage external firewall services
• Schedule dynamic updates