Let's have a look at Palo Alto.
Why, how to cut through the fluff and passing the ACE exam.
Let's start, why ?
As you can see or if you don't know the Magic Quadrant (TM) from Gartner is basically a measure
of how well companies are doing when compared to other companies.
Visionaries are those with new cutting edge technologies.
Leaders are companies that deliver large numbers and hold a more dominant position.
Challengers means they have some potential
and niche means somebody is buying them.
This quadrant is for the ENTERPRISE not the SMB. So you won't see loads of cheap
ASAs or sonicwalls affecting the chart.
Let's see why.
Check point took the lead back in 1994 and has led it consistently.
They came up with the VPN, they came up with centrally managing firewalls using a centralized device.
Palo Alto has just caught up.
They have the same level Firewall
They have the VPN
They have the Panorama which is the centralized management appliance.
They also have
WildFire - which allows you to protect against zero day attacks.
Application visibility - which allows you to view into applications to see nested applications {like chat}
Streaming- they claim they can scan the file as it is being streamed across and don't need to
buffer the whole file before starting to check it.
So as you can see, they basically have the same as Checkpoint and some added features.
The second reason they have catapulted this much is Checkpoint.
Their manager is notoriously cheap in his compensation to employees.
That is why ZUK {the CTO of Palo Alto} left him.
That is why their staff retention is low.
So their support is lacking and causes people to move away from them.
The above is what I have personally heard from disgruntled ex-employees so of course you can take it with a grain of salt.
So,
Fortinet, Juniper, Cisco, Sonicwall are all nice firewalls PER firewall
but do not have the centralized policy capabilities that Palo Alto and Checkpoint mainly have.
There you are.
As you can see Palo Alto is here to stay and clients are actually demanding we sell it to them.
Studying about Palo Alto.
Resources you can use are.
1. Support Portal http://support.paloaltonetworks.com
*this resource requires a serial number in order to get a username.
that is a challenging regulation. So if you are a partner you can see if they will bypass the rule.
2. Palo Alto Education portal http://educations.paloaltonetworks.com
* this resource requires you be a partner.
Both in tandem should give you the tools to pass the exam.
The first part is the .
101 training. "Firewall configuration essentials 101 PAN-OS v.5.0
Alternatively you can go to a class called EDU-201 which is an instructor based class.
Both will have labs for you. In order to do the labs, you must have access to the hardware.
The cheapest firewall is not very cheap so try for the NFR which is also not cheap or just memorize the labs.
The last items are
ACE study guide - useless
Palo-Alto 4.1 administrator Manual. - useless.
In general you will the company is new so the documentation is all over the place.
The GUI on the device is also al over the place and not really as consistent and logical as an apple device
or even a Juniper for that matter.
This comment has been removed by a blog administrator.
ReplyDelete