traps agent content update on TMS

L2 Linker

traps agent content update on TMS

Dear All,

                 I am confused whether content updates sent after the policy update or from response of heartbeat. I checked the admin guide which says content updates are "automated content updates delivered directly to your Traps management service tenant by Palo Alto Networks." No detailed info available.


Please some share document for 


  • automated content update interval time and process flow to check/get update.
  • how to download  content update to the endpoints manually.



with regards,


L0 Member

Re: traps agent content update on TMS

I am also interested in this, especially in the second part. We have a customer who has hosts that cannot ever be connected to the internet, is it not possible to secure these via TMS and manual updates?

L7 Applicator

Re: traps agent content update on TMS

@RamBalaji ,

From my understanding the heartbeat connection will trigger a policy update if one is available, similarly if a new content upgrade has been pushed out the next heartbeat connection will trigger the content upgrade. Content upgrades actually being pushed to the TMS tenant are done in a phased approach and don't have a set schedule really.


If you are utilizing the TMS you can not perform a manual content upgrade on the endpoint at this time. Your agent needs to have internet access to TMS to be able to download the new policies, new content upgrades, and to verify license status. 

L7 Applicator

Re: traps agent content update on TMS


If the hosts can not be granted access to the TMS tenant TMS is not going to be the proper Traps deployment for you. TMS access is required for agent activation, policy updates, content upgrades, and everything else. 

In your situation I would recommend that you deploy Traps with an on-site ESM server that you can grant access to the outside world. Then the hosts only need access to the ESM server and don't actually require internet access. 


Note: The Traps Management Service (Cloud/Hosted) environment and the Traps Endpoint Security Manager server (ESM) are both supported. Prior to deployment you should ensure that the install solution meets all of your needs; there are some things that are only going to be available in the ESM installation, along with features that come to TMS prior to actually being deployed in a ESM upgrade. 

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!