Course Outline


  • Overview of Palo Alto Networks' next-generation firewalls

Using Tools and Resources

  • Basic troubleshooting methodologies
  • Options for information and support
  • Using status monitoring tools
  • Using maintenance mode

Understanding Flow Logic

  • Session flow and app-ID
  • Overview of flow logic
  • TCP sessions and states
  • Tracing packet flow

Packet Captures and Packet-Diagnostics Logs

  • Understanding packet capture concepts
  • Configuring packet captures
  • Using debug-level diagnostic log features
  • Interpreting the flow-basic output
  • Using hardware assistance and offloading

Host-Inbound and Transit Traffic

  • Troubleshooting transit traffic
  • Blocking tor
  • Troubleshooting host-inbound traffic

Using System Services

  • Identifying performance issues
  • Using baseline service performance
  • Performance troubleshooting use cases
  • Using system services daemons
  • Gathering more data

Certificate Management and SSL Decryption

  • Verify SSL decryption is applied via the certificate chain
  • Accessing the site via its IP vs FQDN
  • Intermediate CA missing
  • Excluding URLs / certificates
  • Using client authentication and SSL decryption exclusion
  • Working with external factors that complicate SSL decryption


  • User-ID mapping flow
  • Troubleshooting User-ID


  • Using connection sequence
  • Troubleshooting GlobalProtect

Support Escalation and RMAs

  • Case management
  • Dealing with hardware failure and return merchandise authorizations (RMAs)
  • Managing escalation and support events

Summary and Next Steps


  • Knowledge of network and security concepts


  • Security professionals
  • Cybersecurity analysts
  • Administrators
  21 Hours

Related Courses

Palo Alto Firewalls

  21 hours

Palo Alto Networks Firewall Essentials: Configuration and Management

  21 hours

Panorama: Managing Firewalls at Scale

  21 hours

Cortex XDR

  21 hours

Network Security in Linux

  14 hours

Network Security

  14 hours

Network Security Administrator

  35 hours

BeyondCorp: Implementing Zero Trust Security

  14 hours

Wireless Network and Telecom Network Security

  35 hours

Certified Lead Ethical Hacker

  35 hours

Certified Network Defender | CND

  35 hours


  14 hours

CompTIA PenTest+ Exam Preparation

  35 hours


  14 hours

Penetration Testing with Nmap

  14 hours