Our Clients both new and existing have requirements for consulting engagements with Palo Alto Networks regarding design considerations around the areas of Migration and deployment, Core feature explanation and recommendations. Clients have a requirement to clearly understand the implications of deployment of key features and architectures within the Clients environment. Additionally, our existing Clients may require engagements to vet existing designs or to consult around our Transformation best practices. Key element of both offerings is a Design Review Workshop which is a focused on-site discussion and review of all aspects of technical requirements, as well as deployment, design and operational challenges unique to managing within the customer environment. Through this discussion we will gain a full understanding of the client infrastructure and the overall security operations. Palo Alto Networks Design Consulting Services can then deliver expert assessment, analysis and recommendations.

Level 1: Visibility Into Non-Encrypted Traffic Level 1 completes your initial deployment of the Security Operating Platform. This migration is carefully planned with the help of highly automated migration tools, with risk avoidance as the top priority. Visibility into non-encrypted traffic is established, and a decryption strategy is created. Additionally, Threat Prevention, URL Filtering and WildFire® malware prevention service are enabled for increased protection. Outcomes:

• > Visibility into your network, endpoints and clouds
• > Platform consolidation for traceability and audit purposes
• > Improved efficiency in policy administration
• > Automated threat intelligence
• > Automated alerting on known and unknown threats

Level 2: Control of All Traffic by Reducing the Attack Surface Level 2 completes your transition to a Layer 7 policy, dramatically increasing your prevention capabilities by blocking unsanctioned applications. The implementation of SSL decryption and segmentation gives you complete visibility to increase your control over access to applications. Outcomes:

• • Granular visibility and precise control of encrypted traffic
• • Network segmentation deployed for applications
• • Network, endpoint and application blocking
• • URL/Unsanctioned application blocking
• • Stabilization of SOC resources with less low-fidelity data sent to the SOC

Level 3: Enforcement of Advanced Security Policy Level 3 enables full blocking and alerting capabilities. This allows control over all inbound, outbound and lateral traffic by user and by application. Data flowing to the security operations center at this stage is dramatically different from pre-transformation data. Policies and procedures are updated as required for this new level of security capability. Executive reporting incorporated with operational hygiene reporting gives you a business-guided view of security. Outcomes:

• • Complete control of application flows and user access
• • Process integration between your network and security operations centers
• • Closed-loop process for security use cases
• • Enablement of development flexibility, acceleration of business
• • Public and private cloud protection
• • VM policy templates for automated provisioning
• • Reporting of unsanctioned URLs/applications for business lines

Level 4: Integration Across All Deployment Scenarios Level 4 expands the capabilities enabled by your transformation to all your deployment scenarios, including network, data center, endpoint and cloud. Full utilization of the platform provides maximum protection and operational gains from technologies built to work together. Outcomes:

• • Cost avoidance through use of a single, integrated platform
• • Reduction of integration development resources
• • Enhanced security evolution through involvement in the community ecosystem
• • Rapid adoption of capabilities on a common platform

Bronze Package (Up to 500 endpoints and 2 ESM Server)

Silver Packge(Up to 2500 endpoints and 4 ESM Server)

Gold Package (Up to 20000 endpoints and 5 ESM Server)

SOC Assestment Service

SOC Integration of NGFW and Panorama

SOC Integration of Autofocus and Minemeld

Azure Services

Google Cloud Platform (GCP)

AWS Services

OpenStack Services

ACI Services

Threat Assessment Service Our team of expert consultants will assess threats to your organization and your prevention capabilities against those threats. We will analyze your configuration along with your actual traffic to determine your current security effectiveness as well as identify changes that would improve your prevention posture. As part of this service, we will walk your team through the analysis to help you make evidence-based modifications to your configuration so you can better prevent successful cyberattacks.

Health Check Service

This course will enable you to:

• • Configure and manage the essential features of Palo Alto Networks next-generation firewalls
• • Configure and manage GlobalProtect to protect systems that are located outside of the data center perimeter
• • Configure and manage firewall high availability
• • Monitor network traffic using the interactive web interface and firewall reports

This course will enable you to:

• • Describe the cyber-attack lifecycle and recognize common forms of attack
• • Describe PAN-OS threat prevention capabilities
• • Use firewall logs and reports to make better configuration decisions
• • Configure the firewall to detect, block, and record threats

This course will enable you to:

• • Learn how to configure and manage the next-generation Panorama management server
• • Gain experience configuring templates (including template variables) and device groups
• • Gain experience with administration, log collection, and logging and reporting
• • Gain experience with Panorama High Availability and Panorama troubleshooting
• • Become familiar with new Panorama features such as Panorama in the public cloud, the Logging Service, and GlobalProtect cloud service

This course will enable you to:

• • Investigate networking issues using advanced firewall tools including the CLI
• • Analyze advanced logs to resolve various real-life scenarios
• • Solve advanced routing scenario challenges
• • Follow proven troubleshooting methodologies specific to individual features

This course will enable you to:

• • How Traps protects against exploits and malware-driven attacks
• • Install and configure the Endpoint Security Manager (ESM) and Traps endpoint components
• • Build rules
• • Enable and disable process protections
• • Integrate Traps with Palo Alto Networks WildFire

This course will enable you to:

• • Design, build, implement, and optimize large-scale Traps deployments
• • Distribute Traps endpoint software in an automated way
• • Prepare master images for VDI deployment
• • Create a Traps Linux installation package and install the agent onto a Linux endpoint
• • Build multi-ESM deployments
• • Design and implement customized policies
• • Test Traps with exploits created using Metasploit
• • Examine prevention dumps with windbg