Why is there a Maximum PAN-OS Version for signatures?

Not applicable

Why is there a Maximum PAN-OS Version for signatures?


Why is there a Maximum PAN-OS Version for some signatures? How can I tell if newer versions of PAN-OS can detect the same thing?

E.g. I saw this:

Modified Anti-spyware Signatures (1)

SeverityIDAttack NameDefault ActionMinimum PAN-OS VersionMaximum PAN-OS Version
high20000Conficker DNS Requestalert3.


     Drew Daniels

L5 Sessionator

I could find the same signature on 5.0.9 as well. So i guess for now we need to consider and go by only the minimum version.let me look further into it.

L5 Sessionator

One more thing that i Observed from the release notes was the maximum versions are stated only for modified signatures .

L6 Presenter

There was a similar thread recently.

From what I understand it means that the modification only applies for PANOS 3.0.0 -

That is if you run 4.1.1 or 5.0.x etc then there was no modification.

Could be good to know if you suddently starts to get alarms after the update is applied.

L6 Presenter

Yes I agree with you.That is about modification.

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!