Multiple options to integrate the Palo Alto Firewall into your:

  • Network
  • Layer 2 interfaces and VLAN interfaces
  • Layer 3 interfaces
  • Tap interfaces
  • Loopback and tunnel interfaces
  • HA interfaces

Type 1 - Layer 2 interfaces:

  • Allows a Trunk interface to transmit
  • Tagged VLAN's which can be assigned to VLAN interfaces
  • Can be allocated in port channels (link aggregation with LACP)

Configure a Layer2 interface with Wired-VLAN20.

Add a layer2 subinterface.

Add a Wireless-VLAN30 subinterface.

Type2 - Layer 3 interfaces:

  • Carries end-to-end Layer 3 traffic with an assigned IP address.
  • Can be allocated in port channels(link aggregation with LACP)
  • Can be sub-divided in L3 Subinterfaces.

Add a layer3 interface.

Type3 - Tunnel and loopback interfaces:

  • Used to logically assign attributes to tunnel entry/exit points
  • Loopbacks: Create always-on logical interfaces for required applications.

Configure a tunnel.

Confiture Loopback

Configure Virtual Router

Configure IPsec Tunnels here.

Typer 4 - HA(High availability interfaces):

  • Allows connectively between two Palo Alto Firewalls to establish a highly available Firewall setup
  • HA links will carry required information to build the cluster, and sync routing/configuration across the members.

Configure HA interface.

Enable HA setup.

Configure the Control Link.

https://docs.paloaltonetworks.com/pan-os/7-1/pan-os-admin/high-availability/set-up-activepassive-ha/configure-activepassive-ha

Cyber Security - Palo Alto Firewall Interface Types的更多相关文章

  1. Cyber Security - Palo Alto Firewall Objects Addresses, Services, and Groups(3)

    LDAP Authentication and Remote Users and Groups Create Remote User Objects and LDAP Integration: sam ...

  2. Cyber Security - Palo Alto Firewall Objects Addresses, Services, and Groups(1)

    Address Objects and Groups Creating address objects. Organizing address objects with address groups ...

  3. Cyber Security - Palo Alto Firewall V-Wires

    Leveraging V-Wires Bridge two physical connections and apply security Policies without influencing a ...

  4. Cyber Security - Palo Alto Firewall Security Zones

    Firewall Security Zones Zones: The foundational aspect of every Firewall. Police network traffic Enf ...

  5. Cyber Security - Palo Alto Firewall Objects Addresses, Services, and Groups(2)

    Users Objects and Groups Creating local user objects. Creating local user groups. https://docs.paloa ...

  6. Cyber Security - Palo Alto Basic Introduction

    Preparation of the Lab Environment: Download and Install Pan-OS from the following website https://d ...

  7. Cyber Security - Palo Alto Security Policies(2)

    Task 3 The SOC(Security Operation Center) monitoring team dashboard reported more 1,000 requests to ...

  8. Cyber Security - Palo Alto Security Policies(1)

    Security policies: Enforcing network traffic by configuring rules of what is allowed or denied to co ...

  9. Palo Alto GlobalProtect上的PreAuth RCE

    0x00 前言 SSL VPN虽然可以保护企业资产免受互联网被攻击的风险影响,但如果SSL VPN本身容易受到攻击呢?它们暴露在互联网上,可以可靠并安全地连接到内网中.一旦SSL VPN服务器遭到入侵 ...

随机推荐

  1. spring boot actuator扩展httptrace的记录

    SpringBoot记录HTTP请求日志 1.需求解读 需求: 框架需要记录每一个HTTP请求的信息,包括请求路径.请求参数.响应状态.返回参数.请求耗时等信息. 需求解读: Springboot框架 ...

  2. ArrayList类的使用

    ArrayList常用类方法 (1)添加元素 public boolean add(E element) 在集合末端添加一个元素 public void add(int index,E element ...

  3. SQL注入之常用工具sqlmap

    通常来说,验证一个页面是否存在注入漏洞比较简单,而要获取数据,扩大权限,则要输入很复杂的SQL语句,有时候我们还会对大量的URL进行测试,这时就需要用到工具来帮助我们进行注入了. 目前流行的注入工具有 ...

  4. 入门大数据---Kafka生产者详解

    一.生产者发送消息的过程 首先介绍一下 Kafka 生产者发送消息的过程: Kafka 会将发送消息包装为 ProducerRecord 对象, ProducerRecord 对象包含了目标主题和要发 ...

  5. Java常用的文档地址

    https://docs.oracle.com/en/ https://docs.oracle.com/en/java/javase/13/   specifications--->langua ...

  6. python之浅谈循环

    目录 流程控制之while循环 语法 while+break while+continue while+else while循环的嵌套 流程控制之for循环 语法 for+break for+cont ...

  7. HTML5(二)音频视频画布

    HTML5 Audio(音频) 定义和用法 <audio src="someaudio.wav" controls="controls"> 您的浏览 ...

  8. Redis哨兵集群创建脚本--v2

    1. 基础环境 操作系统版本  CentOS Linux release 7.6.1810 (Core) Docker 版本  19.03.11, build 42e35e61f3 Redis  版本 ...

  9. EntityFrameworkCore 开发实践问题及规范

    严重问题 客户端求值 如where条件包含的GetValueOrDefault()不能被翻译成sql语句 不规范代码段例子 public async Task<List<Person> ...

  10. day02总结

    1.机器语言:直接用二进制指令编写程序 优点:程序的运行速度快 缺点: 1.编写程序太复杂了 2.记忆困难 2.汇编语言:用英文标签取代二进制指令去编写程序 方便记忆了, 但编写程序还是复杂的 3.高 ...