With today's blog I would like to highlight some of the new and updated features in PAN-OS version 10.0.3.
Prior to upgrading, I would recommend checking out the release guidance page or reaching out to your Professional Services or Focused Services account manager for a more tailored release guidance.
New and updated PAN-OS 10.0.3 features*
Multiple APNs on S11 interfaces for RAN deployments
In PAN-OS 10.0.2 and earlier, all access point names (APNs) from the same user equipment (UE) shared a single GTP-C tunnel on an S11 interface.
In PAN-OS 10.0.3 and later, the firewall supports multiple APNs on an S11 interface for RAN deployments by creating separate sessions for multiple APNs. By dividing the GTP-C tunnel into multiple sessions, the firewall now processes each APN independently.
Scheduled Reports for Cortex Data Lake
(PAN-OS 10.0.3 or later) Beginning with PAN-OS 10.0.3, support for scheduled reports on Cortex Data Lake data is now enabled by default.
IKEv2 Support for AES-GCM Encryption
Available with PAN-OS® 10.0.3 and later 10.0 releases
Security-conscious customers in financial verticals and other markets who have VPN deployments are standardizing on strong IKE and IPSec security and require PAN-OS firewalls to support AES-GCM (Advanced Encryption Standard with Galois/Counter Mode). PAN-OS firewalls now support two new encryption algorithms for IKEv2 crypto profiles: AES-GCM with 128-bit strength and AES-GCM with 256-bit strength to provide compatibility with other devices and to provide stronger security than AES-CBC (AES with Cipher-Block Chaining).