Security policies:

  • Enforcing network traffic by configuring rules of what is allowed or denied to communicate between logical network segments (zones)
  • Traffic can be policed with the following parameters:
    • IP Address (source and/or destination)
    • Users
    • Services(ports)
    • Applications

(From Packt)

  • Enforcement hierarchy:

    • Is essential to understand the security policy order of enforcement to avoid policy overruling
    • "A clean policy table limits the possibility of policy overruling"

Task 1

Please block the student wireless network from reaching the server subnet.

Source Zone         Source Address

Student Wireless:   10.10.0.0/22

Server Subnet:      10.30.0.0/23

Destination Zone    Destination Address

Configure the firewall policy.

Task 2

We are getting complaints of employees watching Netflix during work hours and it's causing our internet connection to crawl.

- Please block the employee subnet 10.25.0.0/23 from accessing Netflix.

Configure the firewall policy.

Cyber Security - Palo Alto Security Policies(1)的更多相关文章

  1. Cyber Security - Palo Alto Security Policies(2)

    Task 3 The SOC(Security Operation Center) monitoring team dashboard reported more 1,000 requests to ...

  2. Cyber Security - Palo Alto Firewall Objects Addresses, Services, and Groups(3)

    LDAP Authentication and Remote Users and Groups Create Remote User Objects and LDAP Integration: sam ...

  3. Cyber Security - Palo Alto Firewall Objects Addresses, Services, and Groups(1)

    Address Objects and Groups Creating address objects. Organizing address objects with address groups ...

  4. Cyber Security - Palo Alto Firewall Interface Types

    Multiple options to integrate the Palo Alto Firewall into your: Network Layer 2 interfaces and VLAN ...

  5. Cyber Security - Palo Alto Firewall V-Wires

    Leveraging V-Wires Bridge two physical connections and apply security Policies without influencing a ...

  6. Cyber Security - Palo Alto Basic Introduction

    Preparation of the Lab Environment: Download and Install Pan-OS from the following website https://d ...

  7. Cyber Security - Palo Alto Firewall Security Zones

    Firewall Security Zones Zones: The foundational aspect of every Firewall. Police network traffic Enf ...

  8. Cyber Security - Palo Alto Firewall Objects Addresses, Services, and Groups(2)

    Users Objects and Groups Creating local user objects. Creating local user groups. https://docs.paloa ...

  9. Palo Alto GlobalProtect上的PreAuth RCE

    0x00 前言 SSL VPN虽然可以保护企业资产免受互联网被攻击的风险影响,但如果SSL VPN本身容易受到攻击呢?它们暴露在互联网上,可以可靠并安全地连接到内网中.一旦SSL VPN服务器遭到入侵 ...

随机推荐

  1. IOS App破解之路一 拿到appstore上的ipa

    1,  在Mac电脑上的app store里搜索Apple Configurator2 并安装 2, iPhone手机连接Mac电脑 3, 登录Apple Configurator2 菜单栏,  账号 ...

  2. Mac App 破解之路八 病毒程序分析

    本人使用MacBooster 7 扫出了几个未知程序. JMJ56 这个程序. 在finder中打开发现是一个shell脚本 调用了python 9NKb0 就是python脚本使用.    只不过是 ...

  3. 微信小程序之后端处理

    首先,来看一下后端的关系图: 这边主要介绍PHP的一些基础语法等等,关于将php代码部署到SAE新浪云,大家可以参考这个链接:https://www.cnblogs.com/dhx96/p/65617 ...

  4. 10.DRF-认证

    Django rest framework源码分析(1)----认证 一.基础 1.1.安装 两种方式: github pip直接安装 pip install djangorestframework ...

  5. jni不通过线程c回调java的函数

    整个工程的项目如下: 1.项目的思路是在activity中启动MyService这个服务,在服务中调用 JniScsManger类中的本地方法startNativeScsService,在 start ...

  6. Spring声明周期的学习心得

    我们首先来看下面的一个案例: 这里是 HelloWorld.java 文件的内容: package com.yiibai;    public class HelloWorld {   private ...

  7. .net core 静态类获取appsettings

    注入获取 通过IConfiguration直接获取的方法官方文档里就有,可以直接看这里 如:appsettings.json { "Position": { "Title ...

  8. Python HTTP Server (Simples)

    Simple HTTP Server 适合临时开发调试web 使用, 直接当前项目下使用python命令快速起一个http server python2 python -m SimpleHTTPSer ...

  9. 富文本编辑器实现从word中复制图片(外挂)

    1问题 基于web的富文本编辑器的功能普遍较弱,而word是公认的宇宙第一好用的文档编辑器,所以许多人都习惯先在word中编辑,然后再将内容粘到web富文本编辑器中. 但是,这种操作有一个问题:图片带 ...

  10. SQLserver , MySQL的区别和各自的一些简单方法案列

    SQL Server数据库和MySQL数据库有什么区别呢?今天我们来分析一下这两种数据库的不同之处以及这两种数据库的一些简单用途:SQL Server数据库和MySQL数据库有什么区别: 对于程序开发 ...