PaloAlto Traps 4.2: Deploy and optimize (PAN-EDU-285)

Palo Alto Networks® Traps™ Advanced Endpoint Protection prevents sophisticated vulnerability exploits and unknown malware-driven attacks. Successful completion of this two-day, instructor-led course should prepare the student to deploy on-premise Traps in large-scale or complex configurations and optimize its configuration.

Course Objectives

Students should learn how to design, build, implement, and optimize large-scale Traps deployments: those with multiple servers and/or thousands of endpoints. In hands-on lab exercises, students will distribute Traps endpoint software in an automated way, prepare master images for VDI deployment, create a Traps Linux installation package and install the agent onto a Linux endpoint, build multi-ESM deployments, design and implement customized policies, test Traps with exploits created using Metasploit, and examine prevention dumps with windbg.

Course level: Intermediate

Course format: Combines instructor-facilitated lecture with hands-on labs

Software version: Palo Alto Networks Traps Advanced Endpoint Protection 4.2

Target Audience: Security Engineers, System Administrators, and Technical Support Engineers


Students should have completed “Traps 4.2: Install, Configure, and Manage” or (for Palo Alto Networks employee and partner SEs) “PSE: Endpoint Associate” training. Windows system administration skills and familiarity with enterprise security concepts also are required. An elementary level of Linux shell experience is needed only for the Linux lab activity.

Module 1: Scaling serve infrastructure

  • Small site architectures
  • Large site architectures
  • TLS/SSL deployment considerations
  • Installing and configuring the Linux agent

Module 2: Scaling Agent Deployment

  • Distributing Traps via GPO
  • Configuring Virtual Desktop Infrastructure with Traps

Module 3: ESM Tuning

  • Tuning ESM settings
  • External logging and SIEM integration
  • Role Based Access Control (RBAC)
  • Virtual groups
  • Defining Conditions
  • Tuning Policies
  • Implementing ongoing maintenance

Module 4: Windows migrations for Traps

  • SQL database migration
  • SSL certificate migration

Module 5: Advanced Traps Forensics

  • Best practices for managing forensic data
  • Agent queries
  • Resources for malicious software testing
  • Exploit challenge testing with Metasploit
  • Exploit dump analysis with windbg

Module 6: Advanced Traps Troubleshooting

  • ESM and Traps architecture
  • Troubleshooting scenarios using dbconfig and cytool
  • Troubleshooting application compatibility and BITS connectivity
Näytä lisää Sulje
Exclusive Networks

Kurssi järjestetään yhteistyössä Exclusive Networksin kanssa Spektri Business Parkissa.

Ilmoittaudu kurssille


Palvelussa voidaan käsitellä Elisan tietosuojaperiaatteissa kuvattuja henkilötietoja, kuten esimerkiksi nimi, yhteystiedot ja palvelun käyttöön liittyvät tiedot. Elisa on palvelussa käsiteltävien henkilötietojen osalta tietosuojalainsäädännössä tarkoitettu henkilötietojen rekisterinpitäjä.

Elisa käsittelee rekisterinpitäjänä henkilötietoja kulloinkin voimassaolevien tietosuojaperiaatteiden mukaisesti (https://elisa.fi/sopimusehdot) ja (https://elisa.fi/tietosuoja).

Elisalla on oikeus käyttää palveluiden tuottamisessa ja henkilötietojen käsittelyssä alihankkijoita.


When using the service, the following types of personal information may be handled; name and contact information, employee information and other information from the client company, end user information, information related to use of the service and customer satisfaction information. This information is needed for the maintenance and development of the service. In terms of the personal information being handled, the customer is the controller as intended in information protection legislation and the service provider is the handler.

The customer's personal information is to be handled in the manner outlined in the agreement and this service description in order to provide and develop the services. Any other handling of the customer's personal information and its effect on costs in accordance with the General Data Protection Regulation are to be agreed upon separately between the parties to the agreement.

The provider or their subcontractor may collect data for the maintenance, improvement or analysis of the service. The provider reserves the right to use subcontractors in the production of their services and sub-handlers in the handling of personal information. The customer has the right to receive information on the provider's subcontractors and sub-handlers upon request.