We are managing 4 location firewalls from Panorama. Panorama and one of the location is on 9.0.9-h1. Rest of the location firewalls are on 8.1.5.
We have activated DNS security licence on that upgraded firewall which is running on panos 9.0.9-h1.
We are using shared anti-spyware profile for all firewalls. If we enable DNS security setting in same anti-spyware profile from panorama and pushed in all devices , is there any impact or commit issue on firewalls which are running on 8.1.5 ?
This shouldn't be a problem at all.
The firewall may get a commit warning, but that's not a problem.
With url-filtering profile you will get the same behavior, because http2 decoder isn't present with 8.1 either.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!
The Live Community thanks you for your participation!