Securing Remote Access in Palo Alto Networks: Practical techniques to enable and protect remote users, improve your security posture, and troubleshoot next-generation firewalls

Chapter 1: Centralizing Logs

In this chapter, we will take a closer look at how to forward firewall logs to an external system and discuss some of the benefits. Logs can be forwarded to an external Security Information and Event Management (SIEM) system and can be used to create a range of alerts whenever an interesting event occurs. You will learn how to set up the configuration and apply best practices when dealing with log forwarding. We will then review how logs can be forwarded to Panorama and log collectors, as well as how to leverage alternative log protocols such as syslog. We will also cover how to troubleshoot forwarding issues and how to apply filters to forwarding profiles to specify which log events are forwarded.

In this chapter, we are going to cover the following main topics:

  • Understanding log forwarding profiles and best practices
  • Learning about Panorama and log collectors
  • Forwarding logs to syslog, SMTP, and other options
  • Exploring log forwarding profiles
  • Troubleshooting logs and log forwarding

Technical requirements

For this chapter, you will need to have a Palo Alto Networks firewall set up and connected to a management network. It will be helpful if you are able to spin up a syslog server and email relay to reproduce the log forwarding settings we are about to configure. If you can set up or repurpose a Panorama instance, you will be able to follow along with some of the threat correlation examples.

Check out the following link to see the Code in Action video: https://bit.ly/3oTeYZW

Understanding log forwarding profiles and best practices

In this section, you will learn the steps required to ensure logs are forwarded to an external system. You will also learn how to apply filters so that only specific types of events are forwarded, as well as how to ensure the log forwarding configuration is applied automatically. First, we will look at where and how logs are stored.

Allocating log storage

All NGFW firewalls and Panorama systems are built on a Linux operating system with proprietary PAN-OS running on top. Log files for the system daemons reside in the root partition. They are only accessible via the command line and are included in a Tech Support file for troubleshooting. All logs related to PAN-OS live in the /opt/panlogs partition. Use the following command to review filesystem usage statistics:

reaper@PA-VM> show system disk-space 
Filesystem      Size  Used Avail Use% Mounted on
/dev/root       7.0G  4.2G  2.5G  64% /
none            3.5G   92K  3.5G   1% /dev
/dev/sda5        16G  2.9G   13G  20% /opt/pancfg
/dev/sda6       8.0G  1.4G  6.3G  18% /opt/panrepo
tmpfs           2.8G  2.4G  420M  86% /dev/shm
cgroup_root     3.5G     0  3.5G   0% /cgroup
/dev/sda8        21G  598M   20G   3% /opt/panlogs

In this example, /dev/sda8 is a partition on the local disk that's used to store logs. Some of the larger hardware platforms may have a secondary hard disk for logging, and on VM firewalls, an additional disk can be installed post-deployment.

The available disk space needs to be shared by all the different log databases, so it is worth reviewing how much space is allocated to each database and tweaking the quotas and expiration periods to optimize them for retention. You can review the current quotas with the following command:

reaper@PA-VM> show system logdb-quota 
Quotas:
      system: 4.00%,  0.629 GB Expiration-period: 0 days
      config: 4.00%,  0.629 GB Expiration-period: 0 days
       alarm: 3.00%,  0.472 GB Expiration-period: 0 days
     traffic: 29.00%, 4.559 GB Expiration-period: 0 days
      threat: 15.00%, 2.358 GB Expiration-period: 0 days
...snipped for brevity...
Disk usage:
traffic: Logs and Indexes: 211M Current Retention: 46 days
threat: Logs and Indexes: 24K Current Retention: 0 days
system: Logs and Indexes: 11M Current Retention: 46 days
config: Logs and Indexes: 21M Current Retention: 46 days
...snipped for brevity...

As you can see, the traffic logs are only assigned 29% of the total available log space on this particular firewall.

These quotas can be adjusted via the web interface by going to Device > Setup > Management > Logging and Reporting Settings, as shown in the following screenshot. The log databases on the left represent logs that are the direct result of sessions or system events taking place; the column on the right contains the summary databases that are used to compile larger datasets containing statistical data that can be used in reporting:

Figure 1.1 – Logging and reporting settings

As hardware platforms are somewhat limited in terms of their capacity for storing logs, the need to export logs for a longer log retention period may arise quite quickly. A production firewall may see up to 40 GB or more of logs being created daily, thus decreasing log retention to less than a day on smaller platforms. Virtual machines, on the other hand, support having an additional disk added to them, which we will review in the next section.
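The relationship between quota size, daily log volume, and retention described above can be checked with a short script. The following is an added example, not code from the book: it parses the `show system logdb-quota` output shown earlier and projects how many days each database could retain at a given daily volume. The function names, the per-database daily volumes, and the 30-day retention target are assumptions chosen for illustration.

```python
import re

# Output of `show system logdb-quota`, copied from the example earlier in this section.
SAMPLE = """\
Quotas:
      system: 4.00%,  0.629 GB Expiration-period: 0 days
      config: 4.00%,  0.629 GB Expiration-period: 0 days
       alarm: 3.00%,  0.472 GB Expiration-period: 0 days
     traffic: 29.00%, 4.559 GB Expiration-period: 0 days
      threat: 15.00%, 2.358 GB Expiration-period: 0 days
...snipped for brevity...
Disk usage:
traffic: Logs and Indexes: 211M Current Retention: 46 days
threat: Logs and Indexes: 24K Current Retention: 0 days
system: Logs and Indexes: 11M Current Retention: 46 days
config: Logs and Indexes: 21M Current Retention: 46 days
...snipped for brevity...
"""

QUOTA_RE = re.compile(
    r"^\s*([\w-]+):\s*([\d.]+)%,\s*([\d.]+)\s*GB\s+"
    r"Expiration-period:\s*(\d+)\s*days")
USAGE_RE = re.compile(
    r"^\s*([\w-]+):\s*Logs and Indexes:\s*([\d.]+)([KMGT])\s+"
    r"Current Retention:\s*(\d+)\s*days")
UNIT_GB = {"K": 1 / 1024**2, "M": 1 / 1024, "G": 1.0, "T": 1024.0}


def parse_logdb_quota(text):
    """Return (quotas, usage) dicts keyed by log database name."""
    quotas, usage = {}, {}
    for line in text.splitlines():
        m = QUOTA_RE.match(line)
        if m:
            quotas[m.group(1)] = {
                "percent": float(m.group(2)),
                "quota_gb": float(m.group(3)),
                "expiration_days": int(m.group(4)),
            }
            continue
        m = USAGE_RE.match(line)
        if m:
            usage[m.group(1)] = {
                "used_gb": float(m.group(2)) * UNIT_GB[m.group(3)],
                "retention_days": int(m.group(4)),
            }
    # Headers and "...snipped..." lines match neither pattern and are skipped.
    return quotas, usage


def projected_retention_days(quota_gb, daily_gb):
    """Days of logs a quota can hold at a steady daily volume."""
    if daily_gb <= 0:
        raise ValueError("daily_gb must be positive")
    return quota_gb / daily_gb


def retention_report(text, daily_gb, required_days):
    """Flag databases whose quota cannot cover the required retention."""
    quotas, usage = parse_logdb_quota(text)
    report = []
    for name, gb_per_day in daily_gb.items():
        if name not in quotas:
            continue  # database not present in the (possibly snipped) output
        days = projected_retention_days(quotas[name]["quota_gb"], gb_per_day)
        report.append({
            "db": name,
            "quota_gb": quotas[name]["quota_gb"],
            "current_days": usage.get(name, {}).get("retention_days"),
            "projected_days": round(days, 2),
            "needs_forwarding": days < required_days,
        })
    return report


if __name__ == "__main__":
    # Assumed volumes: 40 GB/day of traffic logs (the production figure
    # mentioned in the text) and a constructed 0.5 GB/day of threat logs.
    assumed_daily = {"traffic": 40.0, "threat": 0.5}
    for row in retention_report(SAMPLE, assumed_daily, required_days=30):
        print(row)
```

At the assumed 40 GB per day, the 4.559 GB traffic quota holds roughly a tenth of a day of logs, which matches the point above that local retention on smaller platforms can drop below a day.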

Adding disk space to a VM firewall

Virtual appliances, both firewalls and Panorama, support local storage expansion by having additional virtual disks added to enlarge their log capacity.

Important note

The primary disk that's assigned to a virtual system cannot be enlarged to accommodate more logs. The partitions are predefined and additional disk space will be left unused.

As shown in the following screenshot, an additional disk of between 60 GB and 2 TB in size can be added to a firewall VM. A Panorama VM can support from 1 to 14 2-TB disks, or one single 24-TB disk in Panorama mode. Panorama systems that are deployed in Legacy mode, which means they were installed in an older version and have since been upgraded, can have a single disk added that's up to 8 TB in size:

Figure 1.2 – Adding disks to a VM

Disks need to be thick provisioned, and the controller must be set to SCSI. Make sure that you shut down the system before adding the new disk. During bootup, the disk will be discovered and mounted as the new /opt/panlogs partition.

The next stage is to enable log forwarding to an external system.

Key benefits

  • Learn the ins and outs of log forwarding and troubleshooting issues
  • Set up GlobalProtect satellite connections, configure site-to-site VPNs, and troubleshoot LSVPN issues
  • Gain an in-depth understanding of user credential detection to prevent data leaks

Description

This book builds on the content found in Mastering Palo Alto Networks, focusing on the different methods of establishing remote connectivity, automating log actions, and protecting against phishing attacks through user credential detection. Complete with step-by-step instructions, practical examples, and troubleshooting tips, you will gain a solid understanding of how to configure and deploy Palo Alto Networks remote access products. As you advance, you will learn how to design, deploy, and troubleshoot large-scale end-to-end user VPNs. Later, you will explore new features and discover how to incorporate them into your environment. By the end of this Palo Alto Networks book, you will have mastered the skills needed to design and configure SASE-compliant remote connectivity and prevent credential theft with credential detection.

Who is this book for?

This book is for anyone who wants to learn more about remote access for users and remote locations by using GlobalProtect and Prisma Access and by deploying Large Scale VPN. Basic knowledge of Palo Alto Networks, network protocols, and network design will be helpful, which is why reading Mastering Palo Alto Networks is recommended first to help you make the most of this book.

What you will learn

  • Understand how log forwarding is configured on the firewall
  • Focus on effectively enabling remote access
  • Explore alternative ways for connecting users and remote networks
  • Protect against phishing with credential detection
  • Understand how to troubleshoot complex issues confidently
  • Strengthen the security posture of your firewalls
Product Details

Publication date : Jul 02, 2021
Length: 336 pages
Edition : 1st
Language : English
ISBN-13 : 9781801077446

Table of Contents

10 Chapters
Section 1: Leveraging the Cloud and Enabling Remote Access
Chapter 1: Centralizing Logs
Chapter 2: Configuring Advanced GlobalProtect Features
Chapter 3: Setting up Site-to-Site VPNs and Large-Scale VPNs
Chapter 4: Configuring Prisma Access
Section 2: Tools, Troubleshooting, and Best Practices
Chapter 5: Enabling Features to Improve Your Security Posture
Chapter 6: Anti-Phishing with User Credential Detection
Chapter 7: Practical Troubleshooting and Best Practices Tools
Other Books You May Enjoy

Customer reviews

Rating: 5 (6 Ratings)
5 star 100%, 4 star 0%, 3 star 0%, 2 star 0%, 1 star 0%

KC Jul 08, 2021
Rating: 5
The Securing Remote Access in Palo Alto Networks book by Tom Piens is an essential guide to seasoned engineers and those just launching into Palo Alto Networks configuration. The book provides clear configuration steps for logging, GlobalProtect (GP) authentication and VPN setting, secure remote access through Prisma Access, etc. This guide even provides great troubleshooting details for these and other topics to provide additional aid with the reader's Palo Alto Networks deployment. The awesome guide is well-paced and provides the details necessary to help engineers and soon-to-be engineers deploy these features in their environment.
Amazon Verified review

Michael Davis Aug 15, 2021
Rating: 5
Mr. Piens is back again with a great follow up to Mastering Palo Alto Networks this time focusing on VPNs, security posture, logging, and credential theft prevention. As a former PCNSE who's not spent much time with PANOS 10.x this book has been helpful in learning about the new options added since 9.1.x in preparation to take the PCNSE exam again. If you run PANW firewalls in your environment do yourself a favor, pick up reaper's tomes, read them, then set about improving the setup of your firewalls. Full disclosure I was provided a digital copy of the book for review.
Amazon Verified review

Jithin Scaria Aug 12, 2021
Rating: 5
An excellent book to learn Palo Alto Networks, the entire book was organized into seven chapters included. Each chapter was given practical importance. Best Practical Troubleshooting and Best Practices Tools are described inside this book. Overall great and practical-oriented book for the learners.
Amazon Verified review

BMW E28 Sep 11, 2022
Rating: 5
This is probably the most definite book on Palo Alto. Thank you for taking the time to write this book!
Amazon Verified review

Christopher Hagberg Aug 12, 2021
Rating: 5
This book should be required reading for everyone that works with Palo Alto Networks firewalls. Tom has written clear and good instructions on how to harden your configuration, set up secure remote access and more. The book is well written and easy to follow even if you have just the basic knowledge about Palo Alto Firewalls, or just networking in general.
Amazon Verified review