06-28-2024 10:01 AM
Looking for advice on best practice regarding dynamic updates (AV, IPS, WF) when managing firewalls from a Panorama. Currently we are download and pushing these dynamic updates from Panorama to about 15 firewalls but will be managing more firewalls from Panorama in the future. We have discovered some of these dynamic update jobs becoming hung and the push to the firewall never completes.
Possible we should consider configuring each firewall to download from the cloud instead of our on prem Panorama?
06-28-2024 10:33 PM
Hello,
When managing firewalls from Panorama, consider these best practices for dynamic updates:
Uniform Content Versions: Ensure Panorama, Log Collectors, and managed firewalls run the same content release version1.
Scheduled Automatic Updates: Set up recurring updates to stay current with the latest content versions.
Cloud vs. On-Prem: While Panorama can push updates, configuring firewalls to download directly from the cloud is an alternative worth exploring.
Feel free to explore the cloud-based approach for dynamic updates
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
