Traps 4.1: Deploy and Optimize (EDU-285)
Palo Alto Networks® Traps™ Advanced Endpoint Protection prevents sophisticated vulnerability exploits and unknown malware-driven attacks. Traps accomplishes this through a highly scalable, lightweight agent that uses an innovative new approach for defeating attacks without requiring any prior knowledge of the threat itself.
Course Overview and Objectives
Successful completion of this two-day, instructor-led course equips the student to deploy Traps in large-scale or complex configurations and optimize its configuration. Students will learn how to design, build, implement, and optimize large-scale Traps deployments: those with multiple servers and/or thousands of endpoints.
Upon completion of this course, students will be able to:
- Learn how to distribute Traps endpoint software in an automated way
- Prepare master images for VDI deployment
- Build multi-ESM deployments
- Design and implement customized policies
- Test Traps with exploits created using Metasploit
- Examine prevention dumps with windbg
Scope and Target Audience
- Course level: Intermediate
- Course duration: 2 Days
- Course format: Combines instructor-facilitated lecture with hands-on labs
- Platform supported: Palo Alto Networks Traps Advanced Endpoint Protection 4.0
- Security Engineers
- System Administrators
- Technical Support Engineers
Students should have completed “Traps: Install, Configure, and Manage” or (for Palo Alto Networks employee and partner SEs) “PSE: Endpoint Associate” training. Windows system administration skills and familiarity with enterprise security concepts also are required.
This class is comprised of the following modules focusing on equipping the student to deploy Traps in large-scale or complex configurations.
- Module 0: Course Introduction
- Module 1: Scaling Server Infrastructure
- Module 2: Scaling Agent Deployment
- Module 3: ESM Tuning
- Module 4: Windows Migrations for Traps
- Module 5: Advanced Traps Forensics
- Module 6: Advanced Traps Troubleshooting