Cyber Elite Spotlight Interview: @TomYoung

This month we’ll get to know LIVEcommunity Cyber Elite expert, @TomYoung. Our Cyber Elite members are among LIVEcommunity's top contributors and we are excited to be featuring them via our community interviews!

Tom is a Principal Network Architect and a four-time CCIE/CCDE, PNCSC/PCNSE with more than 20 years of networking/security experience. We recently had an opportunity to talk to Tom about Palo Alto Networks, his journey in cybersecurity, and of course, being a LIVEcommunity Cyber Elite. 

What does it mean to be a Palo Alto Networks Cyber Elite?

It is an honor to be recognized by the community for my participation and expertise.

What was your first experience with Palo Alto Networks?

I started to work on the firewalls in 2016 to support my customers. Since then, I have gained a ton of knowledge primarily in the Strata product line. I passed my first PCNSE in 2017 and I have re-certified every two years, most recently this month at Ignite 2022.

What motivated you to start engaging in LIVEcommunity?

I saw that the community was a great place to find answers. It showed up in a lot of my Google searches.

What keeps you coming back today to the community?

I started coming back for answers to questions, but I also found it was a great way to learn solutions to common challenges that may not be in the documentation. I was learning from the experience of others.

What would you say to those brand new to the community about engaging or how to engage with LIVEcommunity? What’s the value there?

The value is that it is a great place to learn and find answers. We answer a lot of questions many times on the level of TAC.

I have two pointers for those who want to engage:

1. Please always respond. If you put forth the effort to post a question, please finish the job and let those who respond know if they were helpful.
2. The community thrives on likes and marked solutions. Please give likes to every response that you think is helpful and, by all means, mark an answer as a solution if it helps you solve your problem. You can mark more than one answer as a solution!  Marked solutions help others find the answer quickly if they have a similar problem.

What advice would you give to someone who is just getting started with PAN products ?

The online documentation, especially the Administrator’s Guide, is excellent and has instructions for all the common features from configuring an interface to preventing credential phishing. They show up in Google searches. The free online Beacon course Firewall Essentials is first class training that walks you through all the fundamental skills.

What is your advice to others looking to move to the next level in cybersecurity knowledge?

There are two things that push me to a level of excellence:

1. Know how things work. I can assist many customers troubleshooting technologies from OSPF to firewall drops because I looked under the hood an understood the mechanics. For example, the Traffic Processing Sequence in the PCNSE study guide details the steps the NGFW takes when setting up a session and applying security controls to a traffic flow. This is helpful for understanding packet flow issues or whether to use the NAT or real IP in the security policy.
2. Develop a list of security best practices. Don’t just think of how to solve a security challenge, but what is the best way to do it.  You will find yourself solving many other security issues as well.  You can Google these PANW resources to get started:

- The Day 1 Configuration tool – I use it for all new NGFW configurations. It includes many best practices to harden the NGFW and improve the security configuration

- Best Practice Assessment or BPA – it is an automated tool with best practice configuration recommendations

- The PANW Best Practices page

- The trophy icon in the online Administrator’s Guide that highlights best practice configurations

What aspect of working in cybersecurity do you find most interesting or exciting?

I am concerned about protecting my customers — and excited about the tools PANW gives me to do so.

What's the number one thing individuals aren’t doing but should do to secure their virtual worlds?

They are not using all the security features in their products! Know your products well and configure all the features you can to block the bad guys. What’s the #1 thing corporations don’t do? They don’t review their logs and take the proper response. The vast majority of breaches show up in the logs somewhere. Most companies do not have a full SOC and should look into MDR.

What do you do in your free time when you’re not working?

My wife and I just moved to North Carolina, and we’ve been very busy establishing new routines. We love to get outdoors when we have time. We are so grateful for our new home and neighborhood.

What’s your community super power?

Haha! I am a 4x CCIE/CCDE and have been working with networking products for decades. I have a good knowledge of network design and mechanics that helps people (1) plan the network and (2) troubleshoot issues, not just a single platform.

We hope you enjoyed getting to know a bit more about Tom, our featured Cyber Elite expert this month. If you have any specific questions for Tom, please reach out to him in the community by tagging him in a post with his username @TomYoung or post a comment in the section below. 

Be sure to visit the Cyber Elite Program page to learn more, and stay tuned as we’ll continue to interview and feature all of our Cyber Elite members!

Thanks @TomYoung! 😄

Stay Secure!

@JayGolf out