View details at bit.ly/28JlJoc. Guidelines and best practices when building and reviewing your security policy. Let's take a closer look at zones, security profiles, and more. See more and learn more at live.paloalton...
Great video, I really would've loved to see more of "configuring security policy" best practices in terms of overall rule positioning i.e. top rules vs more specific or block rules etc. best practice to get started with a well structured sec policy and also cover more on app dependencies in a sec rule etc. thanks!
Based on the policy match Palo Alto design + the rules order from the video ( with first rule with deny) , wouldn't all the traffic from the zones and subnets mentioned in the rules be Blocked by default, thus making the below rules to have no hits?
No, only the traffic that matches the applications configured in the blocked-apps-filter object will be denied by the first rule. Other traffic (read other applications) will not match this rule and will hit the below rules.
There are many things you can do to limit bandwidth. One way is with QoS. Please check out this video for more info: ru-vid.com/video/%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE-7fU91SZ5xDk.html