Download Palo Alto Networks PCNSE6 Study Guide Feb 2015 PDF

TitlePalo Alto Networks PCNSE6 Study Guide Feb 2015
File Size845.3 KB
Total Pages24
Document Text Contents
Page 23

Security Profile Groups – Enable you to specify sets of Security Profiles

that can be treated as a unit and then added to Security Policies

Service Groups – Use Service Groups to simplify the creation of security

policies by combining services that have the same security settings into

service groups.

SLAAC – Stateless Address Auto-Configuration.

Source NAT – Translates internal private IP addresses to external public IP

addresses. Commonly used to enable internal users to access the Internet.

SSL Inbound decryption – Use when you want to intercept and decrypt

user traffic coming from the Internet to your DMZ servers

SSL Outbound decryption – Use when you want to decrypt user traffic

coming from the internal network and going to the external network

Tap Mode – In Tap Mode the firewall can be connected to a core switch’s

span port to identify applications running on the network. This option requires

no changes to the existing network design. In this mode the firewall cannot

block any traffic.

TLS – Transport Layer Security

Universal Zone – Traffic applying to both zones Intrazone and Interzone.

URL Filtering Profiles – Restrict access to specific web sites and web site


User Mapping – Maps an IP address of a packet to a Username using the

User-ID agent.

Virtual Systems – An independent (virtual) firewall instance that can be

managed separately within a physical firewall.

Virtual Wire Mode – In Virtual Wire Mode the firewall can be inserted into an

existing topology, by using virtual wire interfaces, without requiring any

reallocation of network addresses or redesign on the network topology. In

this mode all of the protection and decryption features of the device can be

used. NAT functionality is also provided in this mode.

VPN – Virtual Private Network.

Similer Documents