PA-200 configuration for low bandwidth site

Reply
Not applicable

PA-200 configuration for low bandwidth site

Hi there,

We have a PA-200 recently deployed at a low bandwidth field site. Monitoring the traffic shows the majority of traffic is from the PA-200 itself, checking for updates, Panorama, Wildfire, etc. Is there a way to configure a PA-200 to only perform this on a scheduled basis? Right now it's transferring about 400Mb per day, which puts it way out at the top of all the traffic reports. I'd really like to quieten it down a lot.

Thanks,

Rob

Tags (2)
Highlighted
bat
L5 Sessionator

Re: PA-200 configuration for low bandwidth site

Hi rmilman

You can schedule Dynamic updates through WebGUI by going to Device > Dynamic Updates.


Also the following documents can be helpful:

How to Determine the Update Schedule for Licensed Features

Tips for Managing Content Updates

Thanks

L7 Applicator

Re: PA-200 configuration for low bandwidth site

Hello rmilman,

Could you please let us know if you have configured any schedule for Wildfire and antivirus. Because, these 2 feature are having the option to get updates every 1 Hr.

First, if you have configured a file blocking profile with action "forward" ( send to wildfire), the suspicious file will be sent to the cloud for analysis, it will take enough bandwidth on your PAN firewall. Secondly, if you are using URL filtering profiles on a security policy and the destination URL's are not available on the Local-DB, the PAN firewall will send the query every time to the Cloud-DB.

Hope this will helps.

Thnaks

L6 Presenter

Re: PA-200 configuration for low bandwidth site

Hi Rmilman,

PANW firewall will contact wildfire whenever you exchange file across firewall. If file is unknown to wildfire than communication is bigger, if its known than small. You shouldnt disable this behavior else its a security hole.

Now, You can schedule other content updates like antivirus, threat and application. You can schedule them weekly or daily basis depending upon requirement. Do it for night 3:00 AM when traffic is minimum. Follow bellow instructions for the same.

Schedule Update.png

Regards,

Hardik Shah

L7 Applicator

Re: PA-200 configuration for low bandwidth site

Since your primary requirement is to reduce the bandwidth utilization, i would suggest you to schedule it once in a week (preferably on Sunday/ non-business hours)

Thanks

L6 Presenter

Re: PA-200 configuration for low bandwidth site

Mind that the firewall updates are protecting your network, so I would think that is actually... a good thing.

If you are concerned about saturation, you should explore QoS, and give the Palo Alto Networks firewall updates traffic lesser priority.

See QoS in PAN-OS 4.1

Having that said, I would advise against expanding the update schedule, and in favor of correctly prioritizing your traffic.

Best regards,

Mariano Ivaldi

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!