Security policies:

  • Enforcing network traffic by configuring rules of what is allowed or denied to communicate between logical network segments (zones)
  • Traffic can be policed with the following parameters:
    • IP Address (source and/or destination)
    • Users
    • Services(ports)
    • Applications

(From Packt)

  • Enforcement hierarchy:

    • Is essential to understand the security policy order of enforcement to avoid policy overruling
    • "A clean policy table limits the possibility of policy overruling"

Task 1

Please block the student wireless network from reaching the server subnet.

Source Zone         Source Address

Student Wireless:   10.10.0.0/22

Server Subnet:      10.30.0.0/23

Destination Zone    Destination Address

Configure the firewall policy.

Task 2

We are getting complaints of employees watching Netflix during work hours and it's causing our internet connection to crawl.

- Please block the employee subnet 10.25.0.0/23 from accessing Netflix.

Configure the firewall policy.

Cyber Security - Palo Alto Security Policies(1)的更多相关文章

  1. Cyber Security - Palo Alto Security Policies(2)

    Task 3 The SOC(Security Operation Center) monitoring team dashboard reported more 1,000 requests to ...

  2. Cyber Security - Palo Alto Firewall Objects Addresses, Services, and Groups(3)

    LDAP Authentication and Remote Users and Groups Create Remote User Objects and LDAP Integration: sam ...

  3. Cyber Security - Palo Alto Firewall Objects Addresses, Services, and Groups(1)

    Address Objects and Groups Creating address objects. Organizing address objects with address groups ...

  4. Cyber Security - Palo Alto Firewall Interface Types

    Multiple options to integrate the Palo Alto Firewall into your: Network Layer 2 interfaces and VLAN ...

  5. Cyber Security - Palo Alto Firewall V-Wires

    Leveraging V-Wires Bridge two physical connections and apply security Policies without influencing a ...

  6. Cyber Security - Palo Alto Basic Introduction

    Preparation of the Lab Environment: Download and Install Pan-OS from the following website https://d ...

  7. Cyber Security - Palo Alto Firewall Security Zones

    Firewall Security Zones Zones: The foundational aspect of every Firewall. Police network traffic Enf ...

  8. Cyber Security - Palo Alto Firewall Objects Addresses, Services, and Groups(2)

    Users Objects and Groups Creating local user objects. Creating local user groups. https://docs.paloa ...

  9. Palo Alto GlobalProtect上的PreAuth RCE

    0x00 前言 SSL VPN虽然可以保护企业资产免受互联网被攻击的风险影响,但如果SSL VPN本身容易受到攻击呢?它们暴露在互联网上,可以可靠并安全地连接到内网中.一旦SSL VPN服务器遭到入侵 ...

随机推荐

  1. python基础内容整理(一)

    基本数据类型 字符串 String 字符串是不可变类型 字符串的分割: s.split(sep)以给定的sep为分隔符对s进行分割. In [4]: s = "hello world&quo ...

  2. 《Redis开发与运维》

    第1章 初识Redis 1. Redis介绍: Redis是一种基于键值对(key-value)的NoSQL数据库. 与很多键值对数据库不同的是,Redis中的值可以是由string(字符串).has ...

  3. WeChair项目Alpha冲刺(2/10)

    团队项目进行情况 1.昨日进展    Alpha冲刺第二天 昨日进展: 前端完成小程序首页的html+css设计 后端springboot项目搭建完成 详情参见github 数据库也初步建成一些表格, ...

  4. 1.尚硅谷_MyBatis_简介.avi

    hibernate旨在消除mysql语句.程序员不写sql语言,要实现复杂的功能需要学习hibernate的hql语句 mybatis把编写sql语言交给程序员,程序员自己在xml控制sql语句的编写 ...

  5. 5、struct2的获得jsp参数的第三种方式

    在前面已经讲解了通过在action中直接通过jsp的参数和ModelDiver的方式获得浏览器传递的参数,下面我们介绍第三种方式,也是在项目开发中推荐的方式 action不需要在实现ModelDriv ...

  6. 设计模式:JDK和Spring中常见的设计模式

    设计模式 总结 类 工厂模式 封装创建过程,只对结果负责 BeanFactory.Calender 单例模式 全局唯一 ApplicationContext.Calender 原型模式 多重影分身之术 ...

  7. SQL注入之sqlmap进阶

    上一篇我们对sqlmap进行简单的介绍,并介绍了一些·sqlmap的基础用法,这篇让我们来更深入的了解一下sqlmap,了解一下它的强大功能. 探测等级 参数为 --level 在sqlmap中一共有 ...

  8. 基于托管的C++来使用WPF - Using WPF with Managed C++

    基于托管的C++来使用WPF - Using WPF with Managed C++ Posted by Zeeshan Amjad This article was originally publ ...

  9. MongoDB副本集replica set(三)--添加删除成员

    在上一篇文章中,我们搭建了3个节点的副本集,集群信息如下: rstest:PRIMARY> rs.config() { "_id" : "rstest", ...

  10. ORACLE数据库数据被修改或者删除恢复数据(闪回)

    1. SELECT * FROM CT_FIN_RiskItem  --先查询表,确定数据的确不对  (cfstatus 第一行缺少) 2. select * from CT_FIN_RiskItem ...