Security policies:

  • Enforcing network traffic by configuring rules of what is allowed or denied to communicate between logical network segments (zones)
  • Traffic can be policed with the following parameters:
    • IP Address (source and/or destination)
    • Users
    • Services(ports)
    • Applications

(From Packt)

  • Enforcement hierarchy:

    • Is essential to understand the security policy order of enforcement to avoid policy overruling
    • "A clean policy table limits the possibility of policy overruling"

Task 1

Please block the student wireless network from reaching the server subnet.

Source Zone         Source Address

Student Wireless:   10.10.0.0/22

Server Subnet:      10.30.0.0/23

Destination Zone    Destination Address

Configure the firewall policy.

Task 2

We are getting complaints of employees watching Netflix during work hours and it's causing our internet connection to crawl.

- Please block the employee subnet 10.25.0.0/23 from accessing Netflix.

Configure the firewall policy.

Cyber Security - Palo Alto Security Policies(1)的更多相关文章

  1. Cyber Security - Palo Alto Security Policies(2)

    Task 3 The SOC(Security Operation Center) monitoring team dashboard reported more 1,000 requests to ...

  2. Cyber Security - Palo Alto Firewall Objects Addresses, Services, and Groups(3)

    LDAP Authentication and Remote Users and Groups Create Remote User Objects and LDAP Integration: sam ...

  3. Cyber Security - Palo Alto Firewall Objects Addresses, Services, and Groups(1)

    Address Objects and Groups Creating address objects. Organizing address objects with address groups ...

  4. Cyber Security - Palo Alto Firewall Interface Types

    Multiple options to integrate the Palo Alto Firewall into your: Network Layer 2 interfaces and VLAN ...

  5. Cyber Security - Palo Alto Firewall V-Wires

    Leveraging V-Wires Bridge two physical connections and apply security Policies without influencing a ...

  6. Cyber Security - Palo Alto Basic Introduction

    Preparation of the Lab Environment: Download and Install Pan-OS from the following website https://d ...

  7. Cyber Security - Palo Alto Firewall Security Zones

    Firewall Security Zones Zones: The foundational aspect of every Firewall. Police network traffic Enf ...

  8. Cyber Security - Palo Alto Firewall Objects Addresses, Services, and Groups(2)

    Users Objects and Groups Creating local user objects. Creating local user groups. https://docs.paloa ...

  9. Palo Alto GlobalProtect上的PreAuth RCE

    0x00 前言 SSL VPN虽然可以保护企业资产免受互联网被攻击的风险影响,但如果SSL VPN本身容易受到攻击呢?它们暴露在互联网上,可以可靠并安全地连接到内网中.一旦SSL VPN服务器遭到入侵 ...

随机推荐

  1. Java 从入门到进阶之路(二十三)

    在之前的文章我们介绍了一下 Java 中的  集合框架中的Collection 的迭代器 Iterator,本章我们来看一下 Java 集合框架中的Collection 的泛型. 在讲泛型之前我们先来 ...

  2. 39 _ 队列5 _ 循环队列需要几个参数来确定 及其含义的讲解.swf

    上面讲解都是循环队列,如果是链表实现的话就很简单,队列只有循环队列才比较复杂 此时队列中只存储一个有效元素3,当在删除一个元素的时候,队列为空,pFont向上移动,pFont等于pRear,但是此时p ...

  3. 7-3 树的同构(25 分) JAVA

    给定两棵树T1和T2.如果T1可以通过若干次左右孩子互换就变成T2,则我们称两棵树是“同构”的. 例如图1给出的两棵树就是同构的,因为我们把其中一棵树的结点A.B.G的左右孩子互换后,就得到另外一棵树 ...

  4. pick靶场-sql注入

    甲.数字型注入 数字型注入一般提交值没有引号,所以直接在后面构造语句就可以了. 抓包查看 构造语句 提交后 该数据库表内容被爆出来了. 乙.字符型注入 首先我们要知道一点,字符串在数据库中提交是需要用 ...

  5. Vue前端压缩图片

    一.在组件包下新建compressImage.js // 压缩图片 // eslint-disable-next-line no-unused-vars export function compres ...

  6. LeetCode62. 不同路径

    由于机器人只可以向右和向下移动,所以我们要到第i行第j列,只可以由第i-1行第j列和第i行第j-1列移动一步得到,因此要到第i行第j列的方案数就是到第i-1行第j列的方案数和到第i行第j-1列的方案数 ...

  7. React源码之组件的实现与首次渲染

    react: v15.0.0 本文讲 组件如何编译 以及 ReactDOM.render 的渲染过程. babel 的编译 babel 将 React JSX 编译成 JavaScript. 在 ba ...

  8. Write a program to copy its input to its output, replacing each string of one or more blanks by a single blank.

    #include <stdio.h> void main() { int c,c_BCN; while((c=getchar())!=EOF) { if(c!=' ') c_BCN=; i ...

  9. 主存到Cache直接映射、全相联映射和组相联映射

    转自:https://blog.csdn.net/dongyanxia1000/article/details/53392315 ---- Cache的容量很小,它保存的内容只是主存内容的一个子集,且 ...

  10. Java1.8的HashMap源码解析

    java1.8是现在用的最多的版本,hashmap是现在用的最多的map,今天我们试图分析一下源码. 数据结构 首先我们注意到数据是存放在一个Node数组里面 transient Node<K, ...