We are managing 4 location firewalls from Panorama. Panorama and one of the location is on 9.0.9-h1. Rest of the location firewalls are on 8.1.5.
We have activated DNS security licence on that upgraded firewall which is running on panos 9.0.9-h1.
We are using shared anti-spyware profile for all firewalls. If we enable DNS security setting in same anti-spyware profile from panorama and pushed in all devices , is there any impact or commit issue on firewalls which are running on 8.1.5 ?
This shouldn't be a problem at all.
The firewall may get a commit warning, but that's not a problem.
With url-filtering profile you will get the same behavior, because http2 decoder isn't present with 8.1 either.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The Live Community thanks you for your participation!