Hi @Shashanksinha ,
Thank you for writing to live community!
Following is the response to your query below:
- Please refer to End Of Life summary for all PANW products here: Cortex XDR Agent End of Life Summary
- The Traps agent or agent 5.0 is a native agent with no enhnaced detection capabilities as of date and supported on very old operating system versions which have been announced EoL by OS OEMs more than 2 years ago. With the passing of time, it is also recommended that these OS should be decommissioned which means organisations should strive to update to the latest OS versions for latest features, functionality and support in terms of business operations and cybersecurity standards. If you look at the agent installation matrix, you would find clearly that the agent is supporting installation on Operating Systems which can now be declared as borderline antique let alone being outdated. Post EoL, Palo Alto Networks will not support installation of any agent version on these OSs and the ultimate change would be to replace the OS with latest or the farthest supported OS.
- Even today with the agent 5.0, which does not provide any EDR data collection, endpoints with these agents do not provide enough security context to support an advanced next gen security solution which means the most advanced TTPs are not detected as such which essentially would be available with the latest agents. On top of that new protection modules which have dependency on minimum agent version(take eg of Java Deserialisation Protection on Windows to protect against Log4j attacks which needs minimum of agent 7.6 to work for detection and 7.7 for prevention) would not be applicable for these outdated agents. Also, once the agent goes EoL, all the content updates which enhance security, stability and compatibility of the agent on the endpoint will be stopped. This essentially means that any new security updates and protection against any zero day attacks(which could be covered as part of the base minimal functionality of the agent will not be covered) and any performance issues and stability issues will not be handled by Palo Alto Networks support anymore.
- Customers can adopt their own strategies and methodologies to perform the protection. As mentioned in 3rd, having an EoL agent on an antique software though is not a recommended, but you have protection in its base minimal functionality until the last date of EoL. Post that customers can choose their own strategy to think about the future of the endpoint and possibly upgrade the OS and stay on top of the best possible available security updates with Cortex XDR agents available at that time.
Hope this helps!
Please mark the response as "Accept as Solution" if it answers your query.
