can we push dns security enabled anti-spyware profile to panos 8.1

Deepak_K — Wed, 29 Jul 2020 11:07:05 GMT

We are managing 4 location firewalls from Panorama. Panorama and one of the location is on 9.0.9-h1. Rest of the location firewalls are on 8.1.5.

We have activated DNS security licence on that upgraded firewall which is running on panos 9.0.9-h1.

We are using shared anti-spyware profile for all firewalls. If we enable DNS security setting in same anti-spyware profile from panorama and pushed in all devices , is there any impact or commit issue on firewalls which are running on 8.1.5 ?

Re: can we push dns security enabled anti-spyware profile to panos 8.1

Chacko42 — Wed, 29 Jul 2020 11:41:54 GMT

This shouldn't be a problem at all.

The firewall may get a commit warning, but that's not a problem.

With url-filtering profile you will get the same behavior, because http2 decoder isn't present with 8.1 either.

topic can we push dns security enabled anti-spyware profile to panos 8.1 in General Topics

can we push dns security enabled anti-spyware profile to panos 8.1

Re: can we push dns security enabled anti-spyware profile to panos 8.1