The Palo Alto NGFW Foundations Lab is a capability of the Advanced Technology Center (ATC) designed to provide an environment to gain hands-on experience with the fundamental features of Palo Alto's NGFW solution. The environment that supports the lab is completely virtual, removing any hardware dependencies associated with physical infrastructure.
This lab now features Ixia BreakingPoint to generate artificial traffic that flows through the lab. This allows for testing of traffic policies as well as further Palo Alto features such as WildFire and Policy Optimizer. Two modules have been created to demonstrate the features of these technologies enabled by BreakingPoint, including Policy Optimizer's Unused Rules and New App Viewer as well as WildFire's threat reporting.
PAN-OS, the basis of the NFGW solution, uses a single pass parallel architecture to classify and control traffic in a single pass through the firewall. With App‑ID, Content‑ID, Device-ID, and User‑ID, you can have complete visibility and control of the applications in use across all users and devices in all locations all the time to effectively apply intent-based security. The advanced security feature sets are combined with a robust networking stack to ensure the Palo Alto NGFW can integrate with existing infrastructure and terminate remote user connections. Palo Alto provides a first class security and networking solution to meet the growing demands cloud and digital transformation have placed on security teams. With the introduction of Inline Machine Learning in PAN-OS 10, the application and threat signatures automatically reprogram your firewall with the latest intelligence, assuring that all traffic you allow is free of known and unknown threats.
Cortex XSOAR has been included to demonstrate the integration of the Threat Intelligence Module and the External Dynamic List functionality of PAN-OS. The TIM Module allows Security Operation Centers to aggregate, parse, deduplicate and manage millions of daily indicators across multiple feed sources to provide a single source of domains, IP addresses, and URLs to deny at the firewall.