Palo Alto Networks Exam PSE-SoftwareFirewall Topic 1 Question 2 Discussion

Actual exam question for Palo Alto Networks's PSE-SoftwareFirewall exam

Question #: 2
Topic #: 1

Which two configuration options does Palo Alto Networks recommend for outbound high availability (HA) design in Amazon Web Services using a VM-Series firewall? (Choose two.)

ATraditional active-active HA

BTransit gateway and Security VPC

CTraditional active-passive HA

DTransit VPC and Security VPC

Show Suggested Answer

Suggested Answer: B, D

Transit Gateway and Security VPC:

Using a transit gateway in conjunction with a Security VPC is a recommended design for outbound high availability (HA) in AWS. This configuration ensures that traffic can be routed efficiently and securely through the VM-Series firewalls deployed in the Security VPC.

Palo Alto Networks AWS Design Guide

Transit VPC and Security VPC:

Another recommended approach is to use a Transit VPC along with a Security VPC. The Transit VPC provides a centralized routing hub, while the Security VPC hosts the VM-Series firewalls to inspect and secure outbound traffic.

Palo Alto Networks AWS Transit VPC Guide

by Slyvia at Jul 12, 2024, 08:41 AM

Limited Time Offer

25%

Off

Get Premium PSE-SoftwareFirewall Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Carlene

10 months ago

I'm not sure about option D, Transit VPC and Security VPC. I think it might not provide the same level of high availability as the other options.

upvoted 0 times

...

Laurena

10 months ago

I'm going to have to go with B) Transit gateway and Security VPC. It's the Palo Alto recommended solution, so it must be the best choice, right?

upvoted 0 times

...

Shantell

10 months ago

D) Transit VPC and Security VPC? Sounds like a lot of moving parts. I'd rather keep it simple with the traditional HA options.

upvoted 0 times

Veta

9 months ago

D) Transit VPC and Security VPC can provide additional security measures for outbound traffic.

upvoted 0 times

...

Lore

9 months ago

C) Traditional active-passive HA is also a good option to consider.

upvoted 0 times

...

Aide

10 months ago

A) Traditional active-active HA is a solid choice for outbound high availability.

upvoted 0 times

...

Golda

10 months ago

I agree with Glenna, traditional active-active HA and Transit gateway with Security VPC make sense for outbound high availability.

upvoted 0 times

...

Garry

10 months ago

I'm going with A) Traditional active-active HA. It's the classic HA setup and should work just fine in the cloud too.

upvoted 0 times

...

Queen

10 months ago

C) Traditional active-passive HA seems like the more straightforward option. Why complicate things with all these VPCs and gateways?

upvoted 0 times

Melinda

9 months ago

A) Traditional active-active HA is more complex but offers better load balancing.

upvoted 0 times

...

Dominque

10 months ago

B) Transit gateway and Security VPC provide additional security and flexibility.

upvoted 0 times

...

Elfrieda

10 months ago

C) Traditional active-passive HA is simpler to set up and manage.

upvoted 0 times

...

Carlene

10 months ago

A) Traditional active-active HA is recommended for better performance and redundancy.

upvoted 0 times

...

Glenna

11 months ago

I think option A and B are the recommended configuration options.

upvoted 0 times

...

Lindsey

11 months ago

I think B) Transit gateway and Security VPC is the way to go. It's the most scalable and reliable solution for outbound HA in AWS.

upvoted 0 times

Joni

10 months ago

Yeah, I think so too. It provides a good balance between scalability and reliability.

upvoted 0 times

...

Ilene

10 months ago

I agree, B) Transit gateway and Security VPC is definitely the most scalable option.

upvoted 0 times

...