Need help? Call Customer Support | 800-301-3894

TRAPS 4.1: Deploy and Optimize (EDU-285)

Course Details

Palo Alto Networks® Traps™ Advanced Endpoint Protection prevents sophisticated vulnerability exploits and unknown malware-driven attacks. Successful completion of this two-day, instructor-led course should prepare the student to deploy Traps in large-scale or complex configurations and optimize its configuration.

Course Prerequisites

Students should have completed “Traps 4.1: Install, Configure, and Manage” or (for Palo Alto Networks employee and partner SEs) “PSE: Endpoint Associate” training. Windows system administration skills and familiarity with enterprise security concepts also are required.

Course Goals

Students should learn how to design, build, implement, and optimize large-scale Traps deployments: those with multiple servers and/or thousands of endpoints. In hands-on lab exercises, students will distribute Traps endpoint software in an automated way; prepare master images for VDI deployment; build multi-ESM deployments; design and implement customized policies; test Traps with exploits created using Metasploit; and examine prevention dumps with windbg.

Course Agenda

 Module 1: Scaling Server Infrastructure

• Small site architectures

• Large site architectures

• TLS/SSL deployment considerations


Module 2: Scaling Agent Deployment

• Distributing Traps via GPO

• Configuring Virtual Desktop Infrastructure with Traps


Module 3: ESM Tuning

• Tuning ESM settings

• External logging and SIEM integration

• Role Based Access Control (RBAC)

• Defining Conditions

• Tuning Policies

• Implementing ongoing maintenance


Module 4: Windows migrations for Traps

• SQL database migration

• SSL certificate migration


Module 5: Advanced Traps Forensics

• Best practices for managing forensic data

• Agent queries

• Resources for malicious software testing

• Exploit challenge testing with Metasploit

• Exploit dump analysis with windbg


Module 6: Advanced Traps Troubleshooting

• ESM and Traps architecture

• Troubleshooting scenarios using dbconfig and cytool

• Troubleshooting application compatibility and BITS connectivity

Details Options
  • Date: 06/27/18 - 06/28/18
  • Location: Chicago, IL (map)
  • Date: 06/27/18 - 06/28/18
  • Location: Instructor Led Online Course
  • Date: 09/06/18 - 09/07/18
  • Location: Chicago, IL (map)
  • Date: 09/06/18 - 09/07/18
  • Location: Instructor Led Online Course