Ch 1.2 Next Generation Firewall Architecture. Flashcards
1
Q
What is SP3?
A
Single-Pass Parallel Processing.
2
Q
How is Palo Alto different from traditional firewalls?
A
- It uses Packet inspection.
- A Library of application signature to distinguish between applications that have the same protocol and ports.
- Be able to identify potential malicious application that use non standard ports.
3
Q
Explain Single Pass.
A
- Traffic will pass on a single policy and get checked for:
- Antivirus Protection.
- Spyware protection.
- Data Filtering Protection.
- Vulnerability Protection.
4
Q
How many Planes does the Palo alto architecture have
A
- 2.
- Control Plane and Data Plane.
5
Q
What Is done in the Control Plane? and what interfaces are in the control plane?
A
- Management
- Configuration.
- Logging.
- Reporting.
- Management and Console interfaces.
6
Q
What is done in Control Plane?
A
- Signature Matching,
- Security Processing,
- Network Processing
7
Q
What Is done in the signature matching?
A
Stream-based uniform signature match including exploits, virus spyware.
8
Q
What is done in the Security Processing?
A
- App-ID
- URL Matching.
- Policy match.
- SSL/IPsec
- Decompression
9
Q
What is done in the Network Processing?
A
- Flow Control.
- MAC Lookup.
- Route Lookup.
- QoS.
- NAT.
