In this video I will be configuring a Palo Alto PA-220 firewall with SSL Decryption. This video is part of my series on Building an Enterprise Network. If you are new to the channel, please consider subscribing.
In this episode I will be deploying a WSUS server running on Microsoft Windows Server 2019 leveraging virtualization using VMware ESXi and vCenter. WSUS will be used to pull patching down from the Microsoft’s servers so internal SECNET servers can install patches. This server will help to ensure servers that do not require internet access remain blocked from it.
In this episode I will be building two Linux DNS and NTP servers using Ansible based on CentOS 8.0. This episode is a part of my video series on Building an Enterprise Network that I call Secured Enterprise Core Network (SECNET). The DNS and NTP servers will be used as a relay to reduce and prevent systems like the Active Directory Domain Controllers from reaching directly out to the Internet.
— Video Content —
00:00 – Intro
00:37 – Configure Palo Alto Firewall Security Policies
7:58 – Adding DNS & NTP A records to AD DNS Servers
12:54 – Review Palo Alto Firewall Security Policies
15:35 – Deploying HQDNS1 and HQDNS2 (VMware Template)
18:45 – Initial Configuration for HQDNS1
20:35 – Initial Configuration for HQDNS2
22:15 – Configuring Ansible Inventory and Config File
26:15 – Joining Linux Servers (HQDNS[1,2]) to AD Domain with Ansible
27:55 – Reviewing Ansible DNS Server Role
30:15 – Running Ansible DNS Server Role
30:55 – Validate Ansible Role Ran Successfully
33:30 – Configure Active Directory DNS Servers
39:40 – Update Palo Alto Firewall DNS and NTP Servers
42:49 – Outro