Filter

Expand All | Collapse All

Prisma AIRS

Activation & Onboarding
Administration
Release Notes

Focus

Prisma AIRS

Addressed Issues

Table of Contents

Addressed Issues

Addressed issues in Prisma AIRS.

Review the addressed issues in Prisma AIRS.

ISSUE ID	DESCRIPTION
PAN-265124	K8s Pod Outbound Traffic Blocked by DNS-Security When an "allow-all" rule is configured in Strata Cloud Manager (Manage → Configuration → NGFW and Prisma Access → Security Services → Security Policy) with the default "best-practice" Profile Group, outbound traffic from a K8s pod to the internet may be blocked due to DNS-Security restrictions. Workaround: To ensure outbound traffic functions correctly on Azure/AWS, set the security Profile Group to "None" instead of "best-practice."
ADI-34257	Cloning a security policy rule (Manage → Configuration → NGFW and Prisma Access → Security Services → Security Policy) in Strata Cloud Manager that uses an AI profile group does not update the AI profile usage in the cloned rule.
ADI-34273	When moving an AI Security profile (Manage → Configuration → NGFW and Prisma Access → Security Services → AI Security) in Strata Cloud Manager from one device scope to another, deleting the security profile in the new device scope fails.
PAN-264445 Fixed in 11.2.3-h1	SSL traffic failed between secure pods with decryption enabled, leading to SSL handshake problems as packets were routed to the incorrect endpoint.
PAN-268187 Fixed in 11.2.3-h1	Traffic log incorrectly showed non-AI HTTP/2 traffic as AI traffic. Logs are now accurate, reflecting only actual AI traffic.
PAN-266218 Fixed in 11.2.3-h1	Kubernetes cluster ID from the CNI was not detected, resulting in missing AWS traffic object IDs in east-west and outbound traffic session information.
PAN-266219 Fixed in 11.2.3-h1	Kubernetes cluster ID was missing in the HTTP/2 traffic logs under Incidents and Alerts → Log Viewer → Firewall/AI Security on the Strata Cloud Manager.