Lab to be deployed for testing customer access to standard Lab Gateway protocols.

The Fortinet Next Generation Firewall (NGFW) Foundations Lab is a capability of the Advanced Technology Center (ATC) designed to provide an environment to gain hands-on experience with the fundamental features of the Fortinet NGFW solution. The environment that supports the lab is completely virtual, removing any hardware dependencies associated with physical infrastructure.

This is a mini lab that will walk users through Impacket, a Python library and collection of tools designed for working with network protocols. You will gain hands-on experience using Impacket to interact with a simulated Windows environment. The lab focuses on key tools from the Impacket suite, such as wmiexec.py for remote command execution, and secretsdump.py for credential extraction. This tool is essential to Red Team operations and can be useful during a Cyber Range Red Team event.

The Palo Alto NGFW Intermediate Lab is a hand-on virtual environment where you'll be able to complete the exercises you see in the Intermediate learning path as well as several new practicals. The Intermediate lab focuses on tasks like SSL Decryption, URL Filtering, and DNS Tunneling. Just like the Foundations lab, the Intermediate lab is built upon the same infrastructure. While there is a guide that you can follow along with, you can also explore the environment and test any configuration you'd like.

Secure Access Service Edge (SASE), coined by Gartner in 2019, is a solution that blends networking and security into cloud-scale architecture that optimizes end user performance and improves security for an organization. Zscaler Internet Access (ZIA) is a secure Internet and web gateway cloud-delivered SASE service that sits between the users and the internet. ZIA will inspect every byte of traffic inline across multiple security techniques providing full protection from web and internet threats. The SASE Lab Series will look to explore the capabilities of the solution to provide you with a "rubber meets road" understanding of these technologies and how SASE can be applied in your company.

WWT's ATC Palo Alto Cortex XDR Proving Ground Lab provides a consolidated solution built around Cortex XDR, the Palo Alto firewall, Windows endpoints and Windows servers to demonstrate how the Cortex XDR Agent protects against threats. The goal of Cortex XDR is to increase the operational efficiency of the security operations center. Cortex XDR accomplishes this by reducing alerts by combining similar events, stitching together logs from different sources and preventing as many threats as possible early in the attack cycle. Cortex XDR goes beyond the traditional EDR approach of using only endpoint data to identify and respond to threats by applying machine learning across all your enterprise, network, cloud and endpoint data. This approach enables you to quickly find and stop targeted attacks, insider abuse and remediate compromised endpoints. Cortex XDR combines functionality from Endpoint Protection, Endpoint Detection and Response, Network Traffic Analysis and User Behavior Analytics into a single console. This lab consists of servers running common applications that include Palo Alto Cortex XDR, Palo Alto Cortex XSOAR, Palo Alto VM-Series firewall, Active Directory, Windows IIS and SQL server, and several Windows 10 workstations. You will access the environment using a Windows-based jump host from which you can browse web consoles and open RDP/SSH sessions.

Netskope's Data Loss Prevention solution is designed to be easy to use but also highly customizable. Gain deep visibility into data everywhere, automatically discovering sensitive data and preventing it from leaking. Netskope prevents data breaches and helps to ensure regulatory compliance. In this lab, not only will we be looking at Netskope DLP but also Web Content Filtering, Cloud App Control, Remote Browser Isolation, as well as Generative AI Blocking.

The goal of this lab is to show how policy-based redirection to a L4-7 device can be used with a single bridge domain needed for Application Centric (ACI) fabrics. The use of a single bridge domain and single PBR redirection is known as "one -armed mode."