Red Education wins the fifth consecutive Palo Alto Networks APAC Excellence in Training Award for 2017

APAC excellence in Training Award Trophies

 

SYDNEY — Sep. 5, 2017 — Red Education today announced receiving its fifth successive Palo Alto Networks® APAC Excellence in Training Award for the year 2017.

This award marks the fifth win after receiving the same recognition for the years 2013, 2014, 2015 and 2016. The awards were announced during the Palo Alto Networks Sales Kickoff event, which took place on 28 – 30 August 2017 in Las Vegas, Nevada.

APAC excellence in Training Award - Elite ATC Badge

Endorsing Red Education’s performance and achievements, Palo Alto Networks recognise our company as an Elite Authorised Training Centre.

During the last financial year, August 2016 – July 2017, the company delivered over 120 courses, training around 800 IT security specialists on a range of Palo Alto Networks technologies.

“We’re proud to receive the APAC Excellence in Training Award for the fifth consecutive year.” Rob Howard, Managing Director at Red Education commented. “This award is recognition by Palo Alto Networks of our outstanding training delivery and effective enablement. It is also an acknowledgement of our trainers’ capabilities and commitment to excellence. This is the result of hard work, experience and, above all, passion for enabling security experts across Asia Pac on Palo Alto Networks technologies”.

“It was a fantastic event where all partners and distributors gathered to celebrate success together.” Chris Wong, Regional Director – Asia, noted. “The theme of this year’s SKO was What We’re Made of. Such an exciting theme that comes with great content and an anticipation to witness the innovative ideas Palo Alto Networks are bringing along in FY18.”. Chris further added:”I can’t reveal more as whatever happens in Vegas stays in Vegas!”.

To learn more about Palo Alto Networks training courses or to register, please visit Red Education’s course schedules.

About Red Education

Red Education is the leader in specialist training and professional services for the IT community across Asia Pacific including Australia, New Zealand, ASEAN, Greater China, Japan, Korea and India. Since its inception in 2005, Red Education has delivered over 50,000 training seats to every major enterprise, government agency and service provider across the region. Providing vendor accredited in-class, on-site or virtual training, Red Education courses blend theoretical concepts with practical hands-on lab exercises and are delivered by instructors who have years and decades of practical experience.

###

Palo Alto Networks and the Palo Alto Networks logo are trademarks of Palo Alto Networks, Inc. in the United States and in jurisdictions throughout the world. All other trademarks, trade names or service marks used or mentioned herein belong to their respective owners.

Palo Alto Networks new course. evolutionary, you say?

Palo Alto Networks new course 210

 

As time goes on, having worked for Red Education for coming up to 7 years, it’s been great to see the evolution of the courses that are offered in Red Education’s portfolio.

In particular the new Palo Alto Networks Firewall 8.0 Essentials: Configuration and Management (210) course. This is a brand new 5-day course that has been built from Palo Alto Networks existing 201205 and 231 courses. I’ve run these courses individually for a number of years, and it’s been great seeing a vendor actively improve their courses through each iteration of material. This latest change, however, tackles some issues that were inherited with the course layouts themselves. Each course as a stand-alone, in my honest opinion, was awesome. The 201 helps newcomers get started with the (admittedly very different) firewall technology, setting a solid foundation. The 205 extends this knowledge giving practical applications for the concepts covered in the 201. Finally, the 231 would then take that knowledge, and give real world examples of threats and how to use the Palo Alto Networks Platform to combat them. A common concern however, is that there was always an overlap for students who wanted the whole gamut. It’s an unfortunate by-product of having individual courses.

Palo Alto NetworksLate last year, Red Education was lucky enough to be invited to Palo Alto Networks Tech Fest, where their internal instructors, as well 8 Elite external instructors (myself included) got together to discuss the ins and outs of the technology as well as the methods of instruction and “tricks of the trade” if you will. During my time there, the new course was discussed, and I had the opportunity to meet the course development team. It was great to see the level of professionalism and structure they had in place to ensure that any issues with current courses were being addressed. The level of interaction with instructors, that was encouraged for new content creation, was plausible. What this boils down to is that, as new content and courses get released, we can have faith that they will ALWAYS improve. This new course is a product of that methodology.

When our experienced instructors at Red Education run instructor-led training, we often have a tendency of taking students off the beaten path by performing live demos, or bringing in real world examples of situations that the course material often fails to adequately express. Unfortunately (for me) a lot of the demos I have found myself performing during the 201 and 205 classes are now included in the 210 courseware itself!

So what is the new 210 course?

Well, to put it shortly, it’s a 5-day course, built from 7 days worth of course content. By combining 3 separate courses into 1 concise block, the previously mentioned issue of overlapping concepts is a thing of the past. Students are now able to attend a 1 week course, and leave with not only a solid foundation around the Palo Alto Networks Platform, but will also be armed with real world examples of malicious traffic, enabling them to be capable of combating them when they return.
Some would say this is a revolution of the courses Palo Alto Networks offers, as opposed to an evolution. I’ll leave that up to you! See you next training.

 

Ronen

Written by Ronen Meshel
You can read more about Ronen on his website: ronen.it/

Press Release: Red Education Was Awarded Palo Alto Networks NextWave 2016 APAC Excellence in Training Award

red-education-palo-alto-award

SYDNEY Dec. 22, 2016 — Red Education today announced it received the Palo Alto Networks® NextWave 2016 APAC Excellence in Training Award for the fourth consecutive year. The winners were revealed during the Palo Alto Networks Sales Kickoff event in Nashville, Tennessee.

Red Education has been an Authorised Training Centre (ATC) of Palo Alto Networks for over five years and has been recognised as a Palo Alto Networks Elite ATC, acknowledging their top-tier performance in APAC for student volume and satisfaction. Throughout the last financial year, August 2015 – July 2016, the company delivered 116 courses, training 750 IT engineers and architects on various Palo Alto Networks security technologies.

Brett Eldridge, SVP of Global Customer Services at Palo Alto Networks said, “Red Education consistently meets the stringent criteria required to deliver to customers and partners of Palo Alto Networks the skills and knowledge needed to help protect our digital way of life. As a leading ATC for Asia-Pacific, we have recently expanded Red Education’s geographic coverage to include Japan, and we are delighted to award Red Education with the APAC Excellence in Training Award for the fourth year in a row.”

“It’s an honour to be awarded the APAC Excellence in Training Award for the fourth year running,” Rob Howard, Managing Director at Red Education noted. “This speaks to the amazing capability of our trainers, not just on the technology, but in their ability to run excellent, highly educational classes. We frequently have repeat customers attending our classes, building on their skills and knowledge of cybersecurity and the market-leading Palo Alto Networks Next-Generation Security Platform. It’s those people – partners and customers – who we serve, and we enjoy the responsibility that comes with delivering an outstanding learning experience.”

In addition to training, Red Education has extensive experience with deploying Palo Alto Networks next-generation security offerings into large and medium enterprise environments.

To learn more about available cybersecurity training courses or to register, please visit Red Education’s course schedules.

About Red Education

Red Education is the leader in specialist training and professional services for the IT community across Asia Pacific including Australia, New Zealand, ASEAN, Greater China, Japan, Korea and India. Since its inception in 2005, Red Education has delivered over 30,000 training seats to every major enterprise, government agency and service provider across the region. Providing vendor accredited in-class, on-site or virtual training, Red Education courses blend theoretical concepts with practical hands-on lab exercises, and are delivered by instructors who have years and decades of practical experience.

###

Palo Alto Networks and the Palo Alto Networks logo are trademarks of Palo Alto Networks, Inc. in the United States and in jurisdictions throughout the world. All other trademarks, trade names or service marks used or mentioned herein belong to their respective owners.

 

Happy Friday!

To ring in the weekend on this glorious Friday, here is a good way to spend 8 minutes.

Enjoy the smooth words from the Palo Alto Networks Ignite Speech for 2016.

 

Palo Alto Networks SSL Interception and Google Chrome’s QUIC

SSL interception on Palo Alto Networks (PAN) devices can be super powerful and is often considered a must if you’re not content with just seeing “SSL” come up as the application. Offloading this SSL traffic means we can no longer scan it for things like viruses, spyware, or even file content we might not be content with letting out (or into) our network (double “content” intended, now known as 2CON).

As you are probably aware, SSL interception requires a Signing CA to be imported (or generated) to be used as a Forward-Trust certificate on the PAN device. Do NOT use the same certificate as the Forward-Untrust as you will then be issuing valid certificates to clients for sites that have Untrusted-Issuers themselves. Once this is ready to go, you will need to import it into every client who will be intercepted. Without this CA on workstations, users will be constantly prompted with every HTTPS site they visit, and the certs issued are from an unknown issuer. Fair enough.

Googles Chrome is a little interesting in this regard. More than just “Best Practice” you really do not want your users to get used to adding exceptions for sites. Chrome takes it a step further, basically stopping you entirely from accessing Google Apps and sites if Chrome sees a non-trusted certificate. There is no option for adding an exception and continuing. You just… Stop.

Google Error: Your connection is not private

Here you can see the reason for the error is CERT_COMMON_NAME_INVALID, hinting at a different issue, not an untrusted issuer!

 

Thankfully, doing the right thing and importing the CA into your OS fixes this (Chrome uses the same certificate store as Windows/IE/Edge). An even better approach, if your clients are all on the domain, is to use a CA that has been issued by the domains CA. That way, thanks to the chain of trust, they already trust the issuer. Happy days (unless you’re a firefox user as it uses a different cert store).

You would be forgiven for thinking at this point that everything is honky-dory. The issue is this semi-awesome thing called QUIC. You can read the wiki article about it here, but essentially, some of the folks at google have been working on an experimental way to improve perceived perception of the performance of HTTPS sites. Perceived perception… Anyway, QUIC uses multiplexed UDP connections to handle equivalent SSL/TLS negotiations. PAN detects this as an application, and you can block it if you like. The issue we have here, is our SSL interception won’t be triggered. We will see the QUIC protocol taking effect, then SSL traffic. We can’t generate a cert for the site in question as we don’t see the original cert being transferred. What this leads to is no interception of any site that has QUIC enabled, assuming clients are using Chrome, and its in its default state. The good news is most servers/sites aren’t very quick on their uptake of QUIC (2QUIC). As of today, (May 12,2016) www.google.com for example does NOT utilise QUIC, but YouTube does! This affects Chrome on Windows, Mac, Linux, Chrome OS, and Android. I have long defected from iOS and the Apple Eco-System, so you would need to test Chrome on an iOS device to confirm if it behaves in the same way.

More good news, it’s not too difficult to fix. As an end-user, all you would need to do is type chrome://flags in your browser, then scroll down to the “Experimental QUIC protocol” field, and toggle it to disabled:

Modify the Experimental QUIC field to have a value of “Disabled”

 

Once complete, you will need to restart Chrome and test. A visit to YouTube will confirm that SSL interception is now working! I would recommend watching a video while confirming that the certificate being displayed is issued by your CA. You will need to open it in a new window of course.

The PAN device might actually still detect the YouTube app regardless of SSL interception status, after you have visited YouTube for extended periods of time, I would pop over to gmail, login and confirm the cert is issued by you, and test by sending an email with some explicit text that should be blocked by a custom file blocking profile on a test policy (You would need to create this ahead of time). Something like “The new Macbook is great” would be a great string to block.

You can push these settings through Group Policy for your domain users, although I have found it’s a little hit and miss and may be dependent on which version of Chrome a user has. Also, I’ve heard that even with the change in place, if you go to Chrome://flags it may incorrectly still display enabled, even though under the hood it is indeed disabled. The proper test is to go to a site you know is QUIC enabled, like gmail, and confirm that SSL interception is working on that client.

More information can be found on Palo Alto Networks LIVE site here.

Ronen Meshel

Written by Ronen Meshel
You can read more about Ronen on his website: ronen.it/

Get Ready for Palo Alto Networks PCNSE Certification

Red Education, the multi award winning Elite Palo Alto Networks Authorised Training Centre has increased the availability of courses through to June 30 to help you meet your certification needs on the Palo Alto Networks cyber security solution range.

For details on the PCNSE certification, please see here.

For upcoming dates on the Essentials 1 – 201 and Essentials 2 – 205 courses, please see here.