topic Re: Why are APPID and Threats not Separate Updates? in Advanced Threat Prevention Discussions

Why are APPID and Threats not Separate Updates?

Retired Member — Thu, 27 Jun 2019 17:20:57 GMT

Don't tell me how to fix this, I already know how it works.

I need to know why Palo Alto does not have a separate APPID update and Threat update just like AV and WF are separate.

Using PA as an everything device we actually need Vulnerability and Antispyware to be separate as well.

Re: Why are APPID and Threats not Separate Updates?

OtakarKlier — Thu, 27 Jun 2019 20:39:27 GMT

Hello,

While someone from PAN can chime in, I think its because the APPS are not updated as frequently? Is there a specific reason you would want them seperated out?

Regards,

Re: Why are APPID and Threats not Separate Updates?

Retired Member — Fri, 28 Jun 2019 14:59:25 GMT

For that reason pretty much. Appid's need a differnet process for review than do Threat, AV and WF do not need much review at all and they have their own update.

Also would help to break out vulnerability and spyware separate and have a selection method for what gets pushed instead of managing by exception.

Re: Why are APPID and Threats not Separate Updates?

OtakarKlier — Fri, 28 Jun 2019 17:39:00 GMT

Hello,

Those are valid reasons, however to propose a change like that you need to open a customer request through your SE/sales team. In the meantin, you can allow the PAN to install the newest Threats signatures and skip the APPs.

Device->Dynamic updates

then configurethe updates to disable new APPs

Just a thoght.

Cheers!

Re: Why are APPID and Threats not Separate Updates?

Retired Member — Mon, 01 Jul 2019 11:38:30 GMT

I know how to do it, Check point has a much better solution even on r77.30.

At least spit out the updates and give the ability to review the updates and put those we do not need in a holding spot / review bucket or something else to address later.