mirror of
https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git
synced 2026-07-18 13:39:40 +03:00
65 lines
2.3 KiB
Markdown
65 lines
2.3 KiB
Markdown
# Workflows - Palo Alto NGFW Implementation
|
|
|
|
## Deployment Workflow
|
|
|
|
```
|
|
Phase 1: Planning
|
|
├── Document network topology and traffic flows
|
|
├── Define security zones and trust levels
|
|
├── Inventory applications and required access
|
|
├── Plan IP addressing and interface assignments
|
|
└── Define decryption policy scope and exclusions
|
|
|
|
Phase 2: Base Configuration
|
|
├── Configure management interface and system settings
|
|
├── Set up HA pair (active/passive)
|
|
├── Configure network interfaces and zones
|
|
├── Set up Zone Protection profiles
|
|
├── Configure routing (static or dynamic)
|
|
└── Integrate with DNS, NTP, LDAP/AD
|
|
|
|
Phase 3: Security Policy Development
|
|
├── Create Security Profile Groups (AV, AS, VP, URL, FB, WF)
|
|
├── Build application-based Security Policies
|
|
├── Configure SSL Decryption policies
|
|
├── Set up User-ID integration with AD
|
|
├── Create NAT policies
|
|
└── Configure DoS Protection policies
|
|
|
|
Phase 4: Logging and Monitoring
|
|
├── Configure Syslog/SIEM forwarding
|
|
├── Set up log forwarding profiles
|
|
├── Configure SNMP monitoring
|
|
├── Enable Cortex Data Lake integration
|
|
└── Create custom reports and dashboards
|
|
|
|
Phase 5: Testing and Validation
|
|
├── Validate application classification with Policy Optimizer
|
|
├── Test threat prevention with EICAR and test URLs
|
|
├── Verify SSL decryption certificate chain
|
|
├── Conduct penetration test against firewall
|
|
├── Review and remediate audit findings
|
|
└── Document final configuration baseline
|
|
|
|
Phase 6: Operations
|
|
├── Schedule automatic content updates
|
|
├── Monitor threat and traffic dashboards
|
|
├── Review Security Policy rule hit counts monthly
|
|
├── Conduct quarterly firewall rule review
|
|
├── Test HA failover quarterly
|
|
└── Upgrade PAN-OS per vendor schedule
|
|
```
|
|
|
|
## Change Management Workflow
|
|
|
|
```
|
|
1. Submit change request with business justification
|
|
2. Review impact analysis (affected zones, applications, users)
|
|
3. Approve through CAB (Change Advisory Board)
|
|
4. Clone current configuration as backup
|
|
5. Implement change in maintenance window
|
|
6. Validate with `validate full` before commit
|
|
7. Commit changes and monitor logs for 24 hours
|
|
8. Document changes in configuration management database
|
|
```
|