martin 
When it comes to planning your authentication and authorization strategy in Azure, it is useful to know what you can do with Azure RBAC roles. Azure RBAC is an authorization fabric built on Azure Resource Manager. It is useful for defining fine-grained access privileges for accessing resources in Azure. The key concepts of Azure RBAC … Read more
I often need a Palo Alto firewall to test new features or just to try out a lab exercise. But a hardware appliance is not always available. Running a virtual firewall in a home lab environment using GNS3 or Eve-ng is useful. But typically, I need to be connected to the home network to use … Read more
Cloudwatch Insights allows you to search and analyze your log data that was sent to Amazon CloudWatch. CloudWatch Log Insights automatically discovers fields in logs from AWS services such as Amazon Route 53, AWS Lambda, AWS CloudTrail and Amazon VPC When you navigate to Logs Insights in the AWS Console and select the log group … Read more
I recently had a requirement to review the Panorama configuration for a specific template. One option would have been to log on to the Panorama GUI, select the template and start going through each tab and option in Panorama to see all the configuration in that template. But this would have been time consuming. I … Read more
Capture filters are filters specified in Wireshark BEFORE you start the capture. It allows you limit the traffic captured to the packets that match your filter. This is different from the display filters in Wireshark. You use the display filters AFTER you have captured packets so that the packets that are displayed are limited to … Read more
What is dumpcap? Dumpcap is a network traffic dump tool that is installed as part of the Wireshark installation package. Because Wireshark offers a simple-to-use GUI, we are usually able to use Wireshark without needing to interact with some of the lower level packages that really make Wireshark work. One of such packages is dumpcap. … Read more
1. Creating separate profiles for different troubleshooting tasks By default, when you open Wireshark, you are running the default profile. You can confirm this by looking at the bottom right corner of your Wireshark interface. Now, within that default profile, you can make changes. For example, you can add a column for ‘Destination port’. If … Read more
In this post, I cover the upgrade of a Palo Alto firewall using an Ansible playbook. Even though this playbook covers the upgrade of a single firewall, the real benefit comes where you have tens or hundreds of firewalls to upgrade. With the same playbook, you can upgrade all the firewalls simply by ensuring that … Read more
In this post, I summarize the AWS fundamental building blocks covered in the AWS Solutions Architect Associate exam.
Palo Alto Networks firewalls support a process known as ‘bootstrapping’ which allows you create a repeatable way of provisioning your new firewalls. It allows you deploy basic configuration to the firewall upon startup.