Securing Remote Access in Palo Alto Networks

By: Tom Piens aka Piens aka 'reaper'

Overview of this book

This book builds on the content found in Mastering Palo Alto Networks, focusing on the different methods of establishing remote connectivity, automating log actions, and protecting against phishing attacks through user credential detection. Complete with step-by-step instructions, practical examples, and troubleshooting tips, you will gain a solid understanding of how to configure and deploy Palo Alto Networks remote access products. As you advance, you will learn how to design, deploy, and troubleshoot large-scale end-to-end user VPNs. Later, you will explore new features and discover how to incorporate them into your environment. By the end of this Palo Alto Networks book, you will have mastered the skills needed to design and configure SASE-compliant remote connectivity and prevent credential theft with credential detection.
Table of Contents (11 chapters)

  • Section 1: Leveraging the Cloud and Enabling Remote Access
  • Section 2: Tools, Troubleshooting, and Best Practices

EDLs

EDLs are dynamic objects that are periodically updated by fetching information from an external source. This source can be an external subscription-based or free threat-intelligence feed such as Spamhaus, Proofpoint's Emerging Threats, or blocklist.de, to name just a few. It can also be an internally hosted tool such as MineMeld, which can consolidate different feeds for ease of use.

When creating an EDL in Objects > External Dynamic Lists, there are five different types to choose from (which you can see in Figure 5.21), as follows:

  • Predefined IP List lets you select one of the IP lists provided through dynamic updates (Bulletproof, known malicious IP, and high-risk IP as part of the Threat Prevention license).
  • Predefined URL List lets you select one of the URL lists provided through content updates (a list of sites Palo Alto Networks trusts so that they can be excluded from authentication).
  • IP List is a group of IP version 4 (IPv4) and/or IP version...
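
The consolidation step an internally hosted aggregator performs before the firewall fetches the result as an IP List EDL, shown as an added example that is not code from the book. It assumes feeds carry one entry per line (address, CIDR subnet, or first-last range) with `#` or `;` comments; the feed contents, `NEVER_BLOCK`, and `MIN_PREFIX` are constructed for illustration.

```python
import ipaddress

# Constructed sample feeds using documentation address ranges, not real threat data.
FEED_A = "# constructed feed A\n198.51.100.7\n203.0.113.0/24\n10.1.2.3\n0.0.0.0/0\n"
FEED_B = "198.51.100.7 ; duplicate\n203.0.113.5\n192.0.2.8-192.0.2.15\n2001:db8::/32\nnot-an-ip\n"

# Assumptions for this example: internal ranges that must never be blocked,
# and the broadest prefix length accepted per IP version.
NEVER_BLOCK = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
MIN_PREFIX = {4: 8, 6: 16}


def parse_entry(text):
    """Turn one feed entry into a list of networks; raises on malformed input."""
    if "-" in text:  # range form: first-last
        first, last = (ipaddress.ip_address(p.strip()) for p in text.split("-", 1))
        return list(ipaddress.summarize_address_range(first, last))
    return [ipaddress.ip_network(text, strict=False)]


def consolidate(*feeds):
    """Merge feeds into collapsed, deduplicated entries plus the rejected lines."""
    accepted, rejected = set(), []
    for feed in feeds:
        for raw in feed.splitlines():
            # Drop trailing comments before parsing the entry itself.
            entry = raw.split("#", 1)[0].split(";", 1)[0].strip()
            if not entry:
                continue
            try:
                nets = parse_entry(entry)
            except (ValueError, TypeError):
                rejected.append((entry, "unparseable"))
                continue
            if any(n.prefixlen < MIN_PREFIX[n.version] for n in nets):
                rejected.append((entry, "too broad"))
            elif any(n.version == p.version and n.overlaps(p) for n in nets for p in NEVER_BLOCK):
                rejected.append((entry, "internal range"))
            else:
                accepted.update(nets)
    entries = []
    for version in (4, 6):  # collapse_addresses cannot mix IPv4 and IPv6
        same = [n for n in accepted if n.version == version]
        entries += [str(n) for n in ipaddress.collapse_addresses(same)]
    return entries, rejected
```

Rejecting overly broad or internal entries before publishing the list keeps a poisoned or malformed upstream feed from turning a block rule into an outage.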