Palo Alto Networks Exam PSE-SoftwareFirewall Topic 1 Question 2 Discussion

Actual exam question for Palo Alto Networks's PSE-SoftwareFirewall exam

Question #: 2
Topic #: 1

Which two configuration options does Palo Alto Networks recommend for outbound high availability (HA) design in Amazon Web Services using a VM-Series firewall? (Choose two.)

ATraditional active-active HA

BTransit gateway and Security VPC

CTraditional active-passive HA

DTransit VPC and Security VPC

Show Suggested Answer

Suggested Answer: B, D

Transit Gateway and Security VPC:

Using a transit gateway in conjunction with a Security VPC is a recommended design for outbound high availability (HA) in AWS. This configuration ensures that traffic can be routed efficiently and securely through the VM-Series firewalls deployed in the Security VPC.

Palo Alto Networks AWS Design Guide

Transit VPC and Security VPC:

Another recommended approach is to use a Transit VPC along with a Security VPC. The Transit VPC provides a centralized routing hub, while the Security VPC hosts the VM-Series firewalls to inspect and secure outbound traffic.

Palo Alto Networks AWS Transit VPC Guide

by Slyvia at Jul 12, 2024, 08:41 AM

Limited Time Offer

25%

Off

Get Premium PSE-SoftwareFirewall Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Carlene

8 months ago

I'm not sure about option D, Transit VPC and Security VPC. I think it might not provide the same level of high availability as the other options.

upvoted 0 times

...

Laurena

9 months ago

I'm going to have to go with B) Transit gateway and Security VPC. It's the Palo Alto recommended solution, so it must be the best choice, right?

upvoted 0 times

...

Shantell

9 months ago

D) Transit VPC and Security VPC? Sounds like a lot of moving parts. I'd rather keep it simple with the traditional HA options.

upvoted 0 times

Veta

8 months ago

D) Transit VPC and Security VPC can provide additional security measures for outbound traffic.

upvoted 0 times

...

Lore

8 months ago

C) Traditional active-passive HA is also a good option to consider.

upvoted 0 times

...

Aide

8 months ago

A) Traditional active-active HA is a solid choice for outbound high availability.

upvoted 0 times

...

Golda

9 months ago

I agree with Glenna, traditional active-active HA and Transit gateway with Security VPC make sense for outbound high availability.

upvoted 0 times

...

Garry

9 months ago

I'm going with A) Traditional active-active HA. It's the classic HA setup and should work just fine in the cloud too.

upvoted 0 times

...

Queen

9 months ago

C) Traditional active-passive HA seems like the more straightforward option. Why complicate things with all these VPCs and gateways?

upvoted 0 times

Melinda

8 months ago

A) Traditional active-active HA is more complex but offers better load balancing.

upvoted 0 times

...

Dominque

8 months ago

B) Transit gateway and Security VPC provide additional security and flexibility.

upvoted 0 times

...

Elfrieda

8 months ago

C) Traditional active-passive HA is simpler to set up and manage.

upvoted 0 times

...

Carlene

8 months ago

A) Traditional active-active HA is recommended for better performance and redundancy.

upvoted 0 times

...

Glenna

9 months ago

I think option A and B are the recommended configuration options.

upvoted 0 times

...

Lindsey

9 months ago

I think B) Transit gateway and Security VPC is the way to go. It's the most scalable and reliable solution for outbound HA in AWS.

upvoted 0 times

Joni

8 months ago

Yeah, I think so too. It provides a good balance between scalability and reliability.

upvoted 0 times

...

Ilene

9 months ago

I agree, B) Transit gateway and Security VPC is definitely the most scalable option.

upvoted 0 times

...