Review the list of known issues in the latest AI Runtime Security release:
**PAN-256741**: Traffic Routing Blocked Between `fw-trust-vpc` and `app-vpc`

Traffic routing between `fw-trust-vpc` and `app-vpc` via VPC peering is currently blocked because the route export from `fw-trust-vpc` to `app-vpc` for 0.0.0.0/0 to the ILB is hindered by an existing default gateway route in `app-vpc`.

Workaround: Create a default route in `app-vpc` that uses the AI Runtime Security ILB as the next hop. This ensures traffic routes correctly through the AI Runtime Security instance (firewall), enforcing security policies.
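The PAN-256741 workaround expressed as a Terraform `google_compute_route` resource, added here as an example and not taken from the release notes or the vendor's own Terraform. The project, region, forwarding-rule name, route name and priority value are assumed placeholders; the only page-given values are the `app-vpc` network and the 0.0.0.0/0 destination.

```terraform
# Added example, not from the release notes: a local default route in app-vpc
# whose next hop is the AI Runtime Security internal load balancer (ILB).
# Assumption: the forwarding-rule self-link below is a placeholder to be
# replaced with the ILB forwarding rule deployed with AI Runtime Security.

variable "airs_ilb_forwarding_rule" {
  description = "Self-link of the AI Runtime Security ILB forwarding rule (placeholder)."
  type        = string
  default     = "projects/PROJECT_ID/regions/REGION/forwardingRules/AIRS_ILB_FORWARDING_RULE"
}

resource "google_compute_route" "app_vpc_default_via_airs" {
  name       = "app-vpc-default-via-airs-ilb" # assumed route name
  network    = "app-vpc"                      # VPC whose egress must traverse the firewall
  dest_range = "0.0.0.0/0"

  # The pre-existing default route to the internet gateway has priority 1000
  # (the GCP default). A lower number wins, so 900 lets this route take
  # precedence instead of being shadowed like the peer-exported route.
  priority = 900

  # Send all default-route traffic to the AI Runtime Security ILB so it is
  # inspected by the firewall instance before leaving the VPC.
  next_hop_ilb = var.airs_ilb_forwarding_rule
}

output "app_vpc_default_route" {
  value = google_compute_route.app_vpc_default_via_airs.self_link
}
```

After `terraform apply`, confirm with `gcloud compute routes list --filter="network:app-vpc"` that the new route is listed alongside the existing default gateway route with the lower priority number.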
**PLUG-16395**: IPv6 tag harvesting is not supported.

**AIFW-421**: Missing CIDR Retrieval During AI Runtime Security Deployment

While deploying an AI Runtime Security instance (Insights → AI Runtime Security) in SCM, selecting the application namespace does not retrieve the cluster pod and service CIDRs.

Workaround: After generating the Terraform configuration, whitelist these CIDR values in the Firewall Trust VPC firewall rule.

**PAN-263750**: No Detection Logs for GenAI LLM Apps in AI Security Threat Logs

Detection logs for AI threats are missing from the AI security threat logs in SCM (Incidents and Alerts → Log Viewer) when AI models are targeted by GenAI prompts. This issue occurs when AI LLM applications are defined in the security policy but the necessary dependent applications (such as SSL and web-browsing) are not included. As a result, the AI Runtime Security instance provides inaccurate threat verdicts.

Workaround: Navigate to Manage → Configuration → NGFW and Prisma Access → Security Services → Security Policy and scope it to your AI Runtime Security instance. Edit the policy to include the dependent apps (web-browsing and SSL). This ensures the AI Runtime Security instance detects and logs AI security threats correctly in the Log Viewer.

**ADI-34273**: AI Security Profile Deletion Failure After Scope Relocation

When moving an AI Security profile (Manage → Configuration → NGFW and Prisma Access → Security Services → AI Security) in SCM from one device scope to another, deleting the security profile in the new device scope fails.

**ADI-34257**: Cloning a security policy rule (Manage → Configuration → NGFW and Prisma Access → Security Services → Security Policy) in SCM that uses an AI profile group does not update the AI profile usage in the cloned rule.

**PAN-266547**: Tag Collector in TC Mode Enters Maintenance Mode After Upgrade to `v11.2.3`

When you upgrade the AI Runtime Security tag collector from `v11.2.2-h1` to `v11.2.3`, the tag collector enters a reboot loop and eventually goes into maintenance mode.

Workaround: Do not upgrade to `v11.2.3`, because the auto-commit feature is not triggered in `v11.2.3`.

**PAN-266547**: Tag Collector running `v11.2.2-h1` enters maintenance mode after bootstrap on instance types other than `n2-standard-4` and `Standard_DS3_v2`. This is due to incorrect capacity file computation and excessive memory usage.

Workaround: Use the `n2-standard-4` or `Standard_DS3_v2` instance size when running `v11.2.2-h1` to avoid this issue.

**PAN-265124**: K8s Pod Outbound Traffic Blocked by DNS Security

When an "allow-all" rule is configured in Manage → Configuration → NGFW and Prisma Access → Security Services → Security Policy with the default "best-practice" Profile Group, outbound traffic from a K8s pod to the internet may be blocked by DNS Security restrictions.

Workaround: To ensure outbound traffic works correctly on Azure/AWS, set the security Profile Group to "None" instead of "best-practice".

**PAN-266219**: Kubernetes Cluster ID Missing in HTTP/2 Traffic Logs

When LLM traffic is sent from a K8s app pod via HTTP/2, the Traffic Details logs under Incidents and Alerts → Log Viewer → Firewall/AI Security