Panorama Training

Managing Firewalls at Scale (EDU-220)

!! Legacy Course !!

Award-winning live online course

Experienced Instructors

Virtual Labs Access

Video Recordings

Get a quote for Business

Important Update: Panorama: Managing Firewalls at Scale (EDU-220) Course Retirement

Effective May 10, 2025, the Panorama: Managing Firewalls at Scale (EDU-220) course will be retired.

Palo Alto Networks has introduced an updated training program to better reflect the latest capabilities of Panorama. Customers looking for Panorama training can transition to:

Panorama: NGFW Management – A direct update to the “Panorama: Managing Firewalls at Scale” (EDU-220) course, covering the management of Next-Generation Firewalls at scale. Customers managing Palo Alto Networks Next-Generation FireWalls with Panorama should take this course – Panorama: NGFW Management (EDU-220 replacement).
Panorama: Centralized Network Security Administration – A two-day course covering Panorama fundamentals for the management of Prisma Access. Customers managing Prisma Access with Panorama should take this course – Panorama: Centralized Network Security Administration. It only covers the Panorama fundamentals relevant to Prisma Access, and therefore, customers should also take the Prisma Access SSE: Configuration and Deployment course to learn about Prisma Access.
Panorama: Centralized Network Security Management – A three-day course that includes Panorama NGFW Management alongside Panorama-managed Prisma Access. Customers managing both Palo Alto Networks Next-Generation FireWalls and Prisma Access with Panorama should take this course – Panorama: Centralized Network Security Management. Customers should also take the Prisma Access SSE: Configuration and Deployment course to learn about all the functionality of Prisma Access as this course only focuses on the Panorama fundamentals to manage Prisma Access.

For more details on these new courses and to find the best fit for your needs, please contact us.

The “Panorama: Managing Firewalls at Scale” (EDU-220) course covers the following content:

Adding Firewalls to Panorama

Adding New Firewalls to Panorama

Add a FireWall
Automated Commit recovery
Automatically Add multiple FireWalls via CSV import
Tagging
Organizing Summary Information
Secure Communication Settings
Manage device licenses
Master key

Upgrade firewalls from Panorama

Deploy Content ID Updates to firewalls from Panorama

Lab

Set location for firewalls
Copy serial firewall numbers
Configure firewalls to communicate with Panorama
Add firewalls to Panorama
Modify Summary Window columns
Assign firewall Tags
Verify firewall licenses
Schedule Dynamic Updates for firewalls

Initial Configuration

Panorama solution overview

Deployment options

Panorama platforms

Register and License Panorama

GUI overview

Panorama License and Software update

Plugin Architecture

Services and Interface Configuration

Panorama Commits

Configuration Management

Config Operations
Manage Backup incl. export device state from FireWall
Config export

Lab

Lab Overview
Connect to the lab environment
Log in to the Panorama appliance and both firewalls
Document configuration and license information
Configure Panorama Management Interface
Configure Panorama Settings
Schedule automatic config exports
Schedule Content Updates
Save and export Panorama configuration
Commit changes

Templates

Templates overview

Configuring templates

Device configuration via template
Local overwrite

Template Variables

Overview
Configuration

Real-life use cases and best practices

Lab

Create templates
Create template stacks
Create template variables
Push the template stack to managed devices

Device Groups

Device groups overview

Configuring Device Groups

Setup Device-group hierarchy
Group and push to HA Peers

Objects

Create an object – shared/disable override
Override
Move
Device Group and template mapping

Policies

Rules Hierarchy
Rulebase structuring
Configure rules
Move Rules
Rulebase preview
Unused Rules
Policy rule targets

Rule changes archive

Audit Comments
Tag-Based Rule Groups

Real-life use cases and best practices

Lab

Create device groups
Configure device group settings

Log Forwarding and Collection

Design Considerations for Deployment

Log storage and retention

Determine the Log Rate
Storage calculation
Log retention

Planning Considerations

Panorama log event forwarding

Lab

Configure log forwarding on the firewalls
Configure log settings on the firewalls
Confirm log forwarding

Using Panorama Logs

Customizing Log Tables

Using Filters in Log Tables

Exporting Filtered Data

Lab

Customize Log Tables in Panorama
Create and Apply Filters in Log Tables
Export Filtered Data

Administrative Accounts

Authenticating Panorama administrators

Panorama authentication methods

Admin Role

Creating Administrative Accounts

Custom Panorama Admin incl. Admin Role
Device Group and Template Admin incl. Access Domain and Admin Role
Password Profile and Password Complexity

External Authentication

Authentication Profile
LDAP Server Profile

Concurrent Administration

Config Lock

Lab

Create LDAP and RADIUS Server Profiles
Configure Authentication Profiles for LDAP and RADIUS
Configure admin roles
Configure admin accounts
Create access domains
Demonstrate the use of commit locks

Aggregated Monitoring and Reporting

Data Sources Used by Panorama

Operational Information Available in Panorama

Reporting Capabilities in Panorama

Lab

Examine Panorama ACC data
Run reports on Panorama
Explore App Scope
Identify and respond to threats

Troubleshooting

Health and Summary Information of Managed Firewalls

Troubleshooting Communication Issues with Panorama

Troubleshooting Commit Errors

Test policy functionality

Lab

Troubleshoot connectivity issues with a firewall
Troubleshoot various commit errors
Troubleshoot loss of internet connectivity

Add-On: Transition a Firewall to Panorama Management

This is an additional module which is not part of the official course. The instructor will demo the import of an existing FireWall’s local configuration into Panorama and explain various caveats.

Overview of Use Cases