07-09-2021 07:08 AM
Panorama is on 10.0.5 and firewall is on 9.1.7. Yesterday we have performed BPA for firewall , adoption rate is showing 0% for DNS security.
We have upgraded panorama to 10.0.5 after 12th May , before that adoption rate for same was 100%.
we want to confirm is there any issue with BPA tool to calculate adoption of DNS security.
As per my research in panos 10.0 DNS security categories replaced DNS security signature policy in antispyware profile.
7 july 2021
8 may 2021
07-11-2021 02:39 AM
issue resolved. Changed action from block to sinkhole in Anti-spyware profiles and push through panorama.
Now in new BPA report showing 100% adoption rate for DNS security.
In Panos 10.0 , anti-spyware include multiple DNS-security categories with default actions. Changed those actions to sinkhole and worked.
08-27-2021 03:00 PM
I've been stuck at 77% post-upgrade. If I go to Anti-Spyware -> DNS Policies -> I have sinkhole for every source listed. Under signature policies, I have reset-both with single-packet capture for medium severity to critical severity and default for informational and low severity. Are you using different settings?
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!