Solution Overview

This lab simulates six locations.

Data Center: This location has 2 PAN-OS Firewalls with connections to a simulated MPLS and access to the Internet. There is also a connection to the Carrier Neutral Facility. Also inside this location is an instance of Panorama, a Windows AD server and a Linux server.

Carrier Neutral Facility: This location has a single PAN-OS firewall in it with connections to the datacenter, Internet and simulated connections to AWS and Azure

Public Cloud: This location has a Windows server in the simulated Azure network and a Ubuntu server within the simulated AWS network.

Home User: This location has a Windows workstation with an Internet connection.

Branch 1: This location has a PAN-OS firewall and a Windows desktop.

Branch 2: This site is identical to Branch 1 but also has a Kali box to simulate attacks from within a network.

External Kali Linux box: This is used to simulate a malicious external user.

Lab Diagram