Академический Документы
Профессиональный Документы
Культура Документы
Agenda
Integration of SAAS Application to Palo Alto Aperture
Before you can establish communication between the Aperture service and the Microsoft
Office 365 SharePoint and OneDrive apps, you must:
Super Admin
Admin
Limited Admin
Read Only
Custom Role
2. Select Untrusted and enter the email address in untrusted users and the
domains in untrusted
VLAN
Loopback
Tunnel
Interface type:
TAP
HA
Virtual Wire
Layer 2
Layer 3
Decrypt Mirror Virtual-wire
Aggregate
Layer 2
Layer 3
Application, User, and Content •App-ID, Content-ID, User-ID, •All of the virtual wire mode
visibility without inline and SSL Decryption. capabilities with the addition of
deployment. Layer 3 services: virtual
Evaluation and audit of existing routers, VPN, and routing
networks. protocols.
Tap interfaces must be assigned to a security zone for ACC and reporting
capabilities.
Security
Zone
Interface
Type: TAP
Enable
multicast
addresses
23 | © 2015, Palo Alto Networks. Confidential and Proprietary.
Configuring Virtual Wire Interfaces
Network>Interface>Ethernet
Interface Type
Security Zone
Allows for the assignment of incoming traffic to different ingress and egress
security zones by either:
VLAN tags
VLAN tags and IP classifiers (source IP)
Traffic from different VLANs can now be assigned to different zones and then
managed by different security policies.
Switching between
network segments
Routing between
networks
Physical Layer 2
interfaces and
Layer 2
subinterfaces in the
VLAN objects
Security Zone
IP Address:
Static or DHCP client
DHCP server or DHCP relay
Virtual router:
Contains a set of static and dynamic routes used by a specified group of interfaces
Virtual Router
Security Zone
IP Address
Interface
MGT profile
Network>Virtual Routers
Reverts to the virtual router table if the PBF policy destination is unreachable.
It does not
reference traffic
tagged with VLAN
ID
VLAN object
associated with this
VLAN interface
Virtual Router
Security Zone
Security Zone
LACP is supported.
For Layer 3,
add IP address