topic Re: Threat / AV signatures after OS EOL. in General Topics

Threat / AV signatures after OS EOL.

RobinClayton — Wed, 30 Oct 2019 14:57:02 GMT

Will AV / Threat Signatures still up date on 8.0 after EOL?

I only found out it was going EOL when I logged into another of our clusters with 8.1 which told me on the MOTD..

The MOTD on the 8.0 has no such message.

I have had look through the "Palo Alto Networks Content Update" emails and can't find any warning. Even on the 8.0.20 release there's nothing to say it's going to be EOL in a few days...

Cheers

Rob

Re: Threat / AV signatures after OS EOL.

kiwi — Wed, 30 Oct 2019 16:12:22 GMT

Hi @RobinClayton ,

Dynamic updates should continue to update. That said I can only urge you to update the OS asap.

Raising the minimum PAN-OS release to PAN-OS 6.1 for Applications and Threats content updates

Cheers !

-Kiwi.

Re: Threat / AV signatures after OS EOL.

RobinClayton — Wed, 30 Oct 2019 16:43:34 GMT

Yeah the Dynamics are what I need to confirm.

My colleague did a web chat with someone who said they would.

I have a support call with the UK premium support partner that said they would not..

The firewall is a HA pair and although it has been tested for a live update fine, it now passes a very very important subset of traffic that we have never tested to ensure the traffic is not interrupted. So we need to very carefully consider the timing of the upgrade with the third party. And it's a busy time of year for that part of the system.

Rob

Re: Threat / AV signatures after OS EOL.

RobinClayton — Wed, 30 Oct 2019 16:49:00 GMT

And Palo Support have just also responded...

With an irrelevant article on licence expiration,

Confirming no further releases of 8.0.x

But not answering the Actual question about dynamic updates!!

Rob

Re: Threat / AV signatures after OS EOL.

KellyM — Wed, 30 Oct 2019 16:51:12 GMT

We have 6 ha pairs, and when I have done HA upgrades, I have never had issues with traffic dropping. GlobalProtect users stay connected on fail over and have never dropped either.

My method is to upgrade secondary, then manually failed to it, upgrade primary, then fail back to the primary.

Never had any issues going from either upgrading point releases or 8->8.1 or 8.1 -> 9.0.

Granted your mileage may vary.

Re: Threat / AV signatures after OS EOL.

RobinClayton — Wed, 30 Oct 2019 16:58:02 GMT

It's just this one particular traffic stream that I personally am cautious of otherwise we would just crack on. We can stop the traffic but it puts a lot of public customer facing systems out of order, and really we want to test it properly so we have the confidence to do it without going offline.

It's just the timing is not good and if we can delay it till the new year that would be better.

Hence if Dynamic Content continues we have the option.

Re: Threat / AV signatures after OS EOL.

RobinClayton — Thu, 07 Nov 2019 09:17:58 GMT

Both PA and Partner Support UK (Westcon) both initially responded by just sending across the link to the EOL document and not answering the question.

PA eventually confirmed from "Research" that Dynamic Updates would be fine.

Westcon said dynamic content would stop, but after I suggested that PA said it was fine, they went away and confirmed the answer from PA..

And now 7 days later we are still getting updates ok....

This should have been a simple question with a simple straight answer, and one that could be found easily!!

Cheers

Rob

Re: Threat / AV signatures after OS EOL.

OtakarKlier — Thu, 07 Nov 2019 17:04:08 GMT

Hello,

We are running 9.0.4 and no issues. However we dont have any of the items that are having issues in the release notes.

Always read the release notes!

Cheers!