Ad – Purchase on Amazon
Last updated on November 7th, 2024 at 08:08 am
November 2024
In November 2024, Palo Alto Networks Education Services announced a new certification framework. The new certification frameworks are role-based to align with real-world job roles. As part of this, the PCNSE certification was placed in a “Legacy” category.
According to PAN Education Services ” “legacy” certifications have a broader scope, covering topics across multiple products and roles. Eventually, the legacy certifications will be updated to align with more specific job roles and / or replaced by new role-specific certifications.”
Here is a link to the announcement on LinkedIn
Either I see posts or am asked about training for Palo Alto Networks (PAN) certifications. Studying for anything, people learn differently from one person to another. As a SCUBA, First Aid, and CPR Instructor, I experienced some students who learn one way, but that way did not work for some. For example, the official training manual did not come across well with a subject, but another manual or a website did.
When studying for a certification, it helps to use multiple study resources. Numerous and diverse resources help with knowledge of a product, technology, configuration, or troubleshooting. I used multiple resources to study for my PAN, Cisco, and AWS certifications, contributing to my exam success and being hands-on with my career.
PAN provides very good resources, both written with their Study Guides and visually with their training videos via Beacon. Fortunately, these resources are free. For some vendors, their official training can cost thousands of dollars.
Official Palo Alto Networks Study Resources
The Study Guides are good and nicely logically laid out. However, the fundamental or deeper knowledge of some subjects they rely on links to online documents, and many refer to the PAN-OS Administrator’s Guide. Also, in the Study Guides are practice questions that I recommend, though as of a couple of years ago, some were very vague, and I found some that were incorrect. The Study Guide is a good start, and if the certification has a Blueprint that can be used as a checklist when studying each domain.
Click here to go directly to the official Palo Alto Networks PCNSE resources page (with the study guide).
The PAN video training site, Beacon, offers a quality, in-depth, and broad video training catalog on their products and services. Over the past couple of years, they have improved the Beacon site and video quality. Recently Beacon version 3 (version 3 of their video training site) was released and, in PAN fashion, an improvement of the previous. Though Beacon is known for videos, documents like the Study Guide are available as part of the study/training/certification path on the Beacon site.
Does hands-on experience help with certification study? It sure does!
My experience and the feedback from others recommend having hands-on experience. Today, there are many resources for getting hands-on experience with a product or technology. Here is a summary of the options, and by no means detailed or complete.
Hardware. Many who have been in IT for a while with Cisco certification(s) know one option is used hardware that was usually old, replaced company hardware, or acquired on eBay. Hardware is a good option but can be expensive and limiting if there is a need for multiple devices. PAN does offer the purchase of equipment to be used in only a lab environment and costs a fraction of the full price. Also, the Dynamic updates (Anti-virus, Threat Prevention, DNS Security, URL Filtering) are sold as a package for lab devices and a fraction of the full price. Your PAN Sales Representative can provide more information.
Online labs. Online hardware labs are growing in popularity and are available from multiple sites. These are viable and cost-effective resources, though some have a limited time window when purchased, such as 90 days or six months. Many also provide lab workbooks to help with configuration and studying when using their service. One provider I have successfully used is NDG, and their labs are terrific, along with their lab guides. Their prices are very fair as well.
The Fuel User Group has a lab environment available.
Virtual machines (VM). One resource I have used for many years is virtual machines which I prefer to use for Cisco, PAN, Arista, Linux, and other products or technologies. I have and still use GNS3, though EVE-NG is another option and is like GNS3. GNS3 emulates the hardware, so the actual OS is used. The virtual machine option can use locally installed VM software like VirtualBox or a VM server like VMware ESXi. There are options to use this in a hosted or web platform. The VM option can have some limitations with supported features. Check any documentation or forums, as there may be a limitation with some features in a VM environment.
I favor the VM option because I can create custom and diverse networks for studying and testing configs for projects at work. However, one challenge with using the VM option is that you need to provide the OS. Some vendors provide their OS for free like Arista, and some have a limited-day trial. PAN provides a 30 day trial for their VM firewall.
Because I work with different vendor products and am responsible for network design and configuration, I use GNS3 and have a used VMware ESXi server at home. Because of the memory and CPU needs of creating these networks, I purchased a used server from eBay. This helped me with my studies and network designs. I have one design in GNS3 that includes Cisco and Arista switches and PAN firewalls. This design and configuration in GNS3 ported well at work in a real production network.
What about other resources for studying for a Palo Alto Networks certification?
In addition to what I listed above, there are the Palo Alto Networks PAN-OS Administrator Guides, Best Practice Guides, Knowledgebase, and Live Community. When studying, these are highly recommended resources and necessary when responsible for PAN products or services.
There are countless YouTube videos for PCNSE and specific PAN products and technologies. I have recommended and used some of these YouTube channels: Palo Alto Networks, Live Community, and Strata by Palo Alto Networks.
LinkedIn Learning (formerly known as Lynda). I have not reviewed the training on LinkedIn, but including here as an option.
Other resources that I recommend and have used.
Early in my career, I, and many, have relied on third-party resources as most vendor documentation left a lot to be desired (Novell NetWare, anyone?). Today many vendors now offer thorough and easy-to-follow documentation. However, I still find third-party material very helpful, especially if struggling to understand a concept or create a configuration.
The Palo Alto Networks Live Community occasionally holds PCNSE study bootcamps. Click here to go to the Blogs page to stay up to date on future bootcamps, and follow the Palo Alto Networks Live Community on LinkedIn.
The Fuel User Group is a group of Palo Alto Networks enthusiasts and a great community and resource. Their site has articles written by their members and offers a third-party view of technology, configuration, or troubleshooting. They also host local gatherings and yearly conferences, and multiple helpful resources. I highly recommend checking them out and joining.
I have read the Mastering Palo Alto Networks book written by Tom Piens, a very knowledgeable and active member of the PAN Live Community. The book does not go into in-depth detail about a feature or configuration. Still, there is an explanation, step-by-step, and an excellent start for anyone getting into Palo Alto Network firewalls. Also, a good reference for those experienced with PAN firewalls. Also, I highly recommend this book as part of the PCNSE study.
Ultimate Test Drive is a webinar that Palo Alto Networks provides with instructed hands-on for some of their products. Though the UTD is meant for getting pre or post-purchase hands-on with their product, or services, it is another resource that can be used as a training resource.
What about paid training?
My first training with PAN firewalls was with CBT Nuggets. Another well-known IT training is from GlobalKnowledge. I’ve only demoed their content, but Stormwind Studios‘ content is very good. There are many paid training options, and most are very good. One benefit of paid training is usually the high quality of the material. Also, with many paid training resources, there is an option to attend a live class and interact with an instructor and fellow students. With most of them, if you attend an on-demand class, you can reach out to the instructor.
I’m a big fan of Udemy training, as I have purchased at least three dozen courses. One benefit of Udemy is the diversity of training, and it’s from a third-party perspective. There are some poor-quality courses on Udemy, but many more are excellent, so if the course is of poor quality, there is a 30-day money-back guarantee. If your timing is right, you can get a course for less than $10.
I read the Study Guide, viewed the video training, or attended a paid course, and have hours of hands-on experience, so do I need practice tests? Yes.
I always used practice tests for all my certifications if they were available. They help gauge the knowledge of a product, technology, or subject(s) of the exam. I’ve read about or spoken with students who used practice tests preparing for an exam, and all said it contributed to their study or exam success, also, from many who used my practice tests. Most practice tests are online and emulate the exam and should be diverse with the subject matter and question types, for example, true/false, multiple-choice, and multiple-select.
Care should be taken, as, unfortunately, there are fake or lousy practice tests, and some may be a brain dump. I won’t go into exam dumps, but they should be avoided as they are not ethical and can devalue a certification. Unfortunately, many students try to pass an exam using only practice tests, and most usually fail the exam. Practice tests supplement official training, for example, the study guide with video training (Beacon) and hands-on experience.
The practice test(s) should have a large bank of questions as this helps by using diversity, so a subject is phrased differently, covers the subject, and possibly from different angles. Also, most exams use a large bank of questions, so should a practice test.
Exam Discounts
If you are not in a hurry to take the certification exam, you can see if there’s a discount on the cost of the exam. The only way I know when Palo Alto Networks Education Services offers exam discounts is on their LinkedIn page (a LinkedIn account is required). On LinkedIn, they will post current discounts with a discount code and other info.
It’s been a while since I’ve seen them, but sometimes they offer free exam vouchers when attending some events, usually webinars. The last one I experienced was one of their online PCNSE study sessions. If you are aware of anywhere else discounts are advertised or offered, let me know, and I will add that info here.
Summary
The resources in this post are by far not a complete list when studying for a PAN certification, as they are what I have used or currently use. The PAN Study Guide, Beacon video training, and hands-on experience should be a minimum when studying for a certification. When studying, keep in mind that this is not only for certification, but employment, whether a project, day-to-day, or in an interview when job searching.
Copyright © Packet Passers 2024