Login / Register

Shopping cart

Firewall Essentials: Configuration and Management (EDU-210)

Category:

Last Update:

July 16, 2026

Accredited by:

Course Overview

The Palo Alto Networks Firewall Essentials: Configuration and Management (EDU-210) course is five days of instructor-led training that will help you to:

  • Configure and manage the essential features of Palo Alto Networks next-generation firewalls
  • Configure and manage Security and NAT policies to enable approved traffic to and from zones
  • Configure and manage Threat Prevention strategies to block traffic from known and unknown IP addresses, domains, and URLs
  • Monitor network traffic using the interactive web interface and firewall reports

This training is the most important course as it covers all the fundamentals to understand the NextGeneration FireWall from the ground up. Even experienced firewall engineers take a lot out of this course as it includes, besides the architecture and management essentials, topics like Application Identification, Content ID (IPS, Anti-Virus/-Spyware, URL Filtering, File Blocking), SSL Decryption and User Identification which are all features usually not supported by legacy firewalls. In addition to the official content, we also teach security best practices that will enable students to fully leverage the Palo Alto Networks NextGeneration Firewall’s potential as we not only explain the theory but how to use every feature in real life.

Course Objectives

Upon successful completion of the Palo Alto Networks (EDU-210) instructor-led course, students will be able to:

  • Install and configure new Palo Alto Networks Next-Generation Firewalls
  • Manage the Firewall’s configurations
  • Understand the basics of networking and traffic flows
  • Configure the Firewall to connect to your production network
  • Manage the Security Policy Rules used to protect your network
  • Manage Network Address Translation (NAT) Rules
  • Configure the Firewall to Block Traffic to or from Known Malicious IP addresses
  • Use advanced features of the Firewall’s interactive web interface
  • Configure Policy based on application (App-ID) and user identity (User-ID)
  • Configure deep packet inspection features, including Anti-Virus, Anti-Spyware, Vulnerability Protection,
  • URL Filtering, File Blocking, Data Filtering & WildFire
  • Configure SSL Decryption on the Firewall so that it can inspect & control decrypted sessions
  • Monitor network activity and identify threats
  • Understand and build comprehensive Firewall reports

Target Audience

  • Security Engineers
  • Security Administrators
  • Security Operations Specialists
  • Security Analysts
  • Support Staff

Prerequisites

  • Participants must be familiar with networking concepts, including routing, switching, and IP addressing.
  • Participants also should be familiar with basic security concepts.
  • Experience with other security technologies (IPS, proxy, and content filtering) is a plus.

Examination

Certification Name : Palo Alto Networks Certified Next-Generation Firewall Engineer

Exam duration : 90 minutes

Format : Multiple-choice questions

Language : English

Exam Platform : Pearson VUE

Passing Score : Palo Alto Networks does not publicly disclose the passing score for the Next Generation Firewall Engineer (NGFW Engineer) certification exam

 

Training Content

DAY 1
9.30am – 11.00am
1. Palo Alto Networks Portfolio and Architecture

  • Palo Alto Networks security platform
  • NGFW architecture
  • PAN-OS overview

11.00am – 11.15am – Short Break

11.15am – 12.30pm
2. Configuring Initial Firewall Settings

  • Initial setup Management interface
  • DNS and update server

12.30pm – 1.30pm – Lunch

1.30pm – 4.00pm

  • Software updates
  • Lab – Connect to the Management Network

3. Managing Firewall Configurations

  • Save, load and export configurations
  • Configuration versions

4.00pm – 4.15pm – Short Break

4.15pm – 5.30pm

  • Configuration snapshots
  • Lab – Manage Firewall Configurations

DAY 2
9.30am – 11.00am
4. Managing Firewall Administrator Accounts

  • Administrator accounts
  • Lab – Configure Administrator Accounts and Roles

11.00am – 11.15am – Short Break

11.15am – 12.30pm
5. Connecting the Firewall to Production Networks with Security Zones

  • Interfaces (Layer 3, Layer 2, Virtual Wire)
  • Virtual Routers
  • Security Zones
  • Static routing

12.30pm – 1.30pm – Lunch

1.30pm – 4.00pm

  • Interface configuration
  • Lab – Configure Interfaces, Virtual Router and Security Zones

6. Creating and Managing Security Policy Rules

  • Security policy fundamentals
  • Rule order
  • Policy matching

4.00pm – 4.15pm – Short Break

4.15pm – 5.30pm

  • Address and service objects
  • Security policy best practices
  • Lab – Configure Security Policies

DAY 3
9.30am – 11.00am
7. Creating and Managing NAT Policy Rules

  • Source NAT
  • Destination NAT
  • Dynamic IP and Port NAT
  • Bi-directional NAT

11.00am – 11.15am – Short Break

11.15am – 12.30pm

  • Lab – Configure NAT Policies

12.30pm – 1.30pm – Lunch

1.30pm – 4.00pm
8. Controlling Application Usage with App-ID

  • App-ID technology
  • Application groups
  • Application filters
  • Application-based security
  • Lab – Configure Application-Based Policies

4.00pm – 4.15pm – Short Break

4.15pm – 5.30pm
9. Blocking Known Threats Using Security Profiles

  • Antivirus
  • Anti-Spyware
  • Vulnerability Protection
  • Lab – Configure Security Profiles

DAY 4
9.30am – 11.00am
10. Blocking Inappropriate Web Traffic with URL Filtering

  • URL Filtering Profiles
  • URL Categories
  • Custom URL Categories

11.00am – 11.15am – Short Break

11.15am – 12.30pm

  • Lab – Configure URL Filtering

12.30pm – 1.30pm – Lunch

1.30pm – 4.00pm
11. Blocking Unknown Threats with Wildfire

12. Controlling Access to Network Resources with User-ID

  • User-ID concepts
  • User mapping

4.00pm – 4.15pm – Short Break

4.15pm – 5.30pm

  • LDAP integration
  • Group Mapping
  • Lab – Configure User-ID

DAY 5
9.30am – 11.00am
13. Using Decryption to Block Threats in Encrypted Traffic

  • SSL Forward Proxy
  • SSL Inbound Inspection
  • Decryption policies

11.00am – 11.15am – Short Break

11.15am – 12.30pm

  • Lab – Configure SSL Decryption

12.30pm – 1.30pm – Lunch

1.30pm – 4.00pm
14. Locating Valuable Information Using Logs and Reports

  • Traffic logs
  • Threat logs
  • URL logs
  • Monitoring
  • Reports
  • Log filtering

4.00pm – 4.15pm – Short Break

4.15pm – 5.30pm

  • Lab – Analyze Logs and Generate Reports

15. What’s Next in Your Training and Certification Journey

Price From:

RM15,000.00

Enquire for More Info

Courses You May Like

CERTIFICATION

CERTIFICATION

5 Days

Intermediate

RM3,500.00

CERTIFICATION

3 Days

Fundamental

RM3,800.00

CERTIFICATION