Telemetry autoenablement for Palo Alto Networks devices streamlines the activation and configuration of telemetry, eliminating complex workflows and manual setup. This feature ensures that upon device onboarding, telemetry is automatically enabled and configured to stream data to the correct data residency region, determined by your location or existing configurations.

Strata Cloud Manager or hub now manages telemetry settings, rather than individual Panorama or firewall devices. These services store information for all devices within a tenant service group (TSG), simplifying and automating telemetry configuration. This approach removes operational hurdles, enabling full utilization of telemetry's benefits while maintaining control over data sharing preferences.

Consistent telemetry data streaming provides enhanced security, faster security responses, and access to advanced features through critical threat insights. Telemetry autoenablement ensures your devices send valuable diagnostic and usage information, significantly improving support case resolution times and offering real-time insights into performance, usage, and potential issues.

You have the ability to manage your telemetry settings at the TSG level, including the option to change the telemetry tier from Full to Diagnostic through the hub interface or Strata Cloud Manager. This tiered approach ensures you can choose the level of information shared while adhering to data privacy requirements. Additionally, all telemetry configuration changes are logged for audit purposes, assisting with compliance and security policy adherence.

Download and install PAN-OS software patches to apply fixes to bug or Common Vulnerability Exposure (CVE) without the need to schedule a prolonged maintenance window to install a new PAN-OS version from the Next-Generation Firewall or Panorama™ management server web interface. This allows you to strength your security posture immediately without introducing new known issues or changed to default behaviors that may come with installing a new PAN-OS version.

Tags allows you the ability to visually group your policy rulebase. PAN-OS 10.2.5 introduces the Tag Browser which allows you to manage your policy rulebase using the applied tags, and thereby simplifies policy rulebase management.

Firewalls and Panorama management servers now validate software upgrades before you install them. This allows more steps to be completed prior to the software installation, which speeds up software upgrades and increases confidence in the upgrade process. For example, prior to downloading the target release, the appliance displays any required software, including intermediate software versions and content dependencies, which you can download along with the target release in one step. You can also use an SCP server as a download source and view a history of software upgrades.

The Strata Cloud Manager Command Center is your new NetSec homepage; it is your first stop to assess the health, security, and efficiency of your network. In a single view, the command center shows you all users and IoT devices accessing the internet, SaaS applications, and private apps, and how Prisma Access, your NGFWs, and your security services are protecting them.

The command center provides you with four different views, each with its own tracked data, metrics, and actionable insights to examine and interact with:

• Summary: A high-level look at all your network and security infrastructure. Monitor the traffic between your sources (users, IoT) and applications (private, SaaS), and see metrics onboarded security subscriptions.
• Threats: Dig deeper into anomalies on your network and block threats that are impacting your users. Review the traffic inspected on your network and see how threats are being detected and blocked around the clock by your Cloud-Delivered Security subscriptions.
• Operational Health: Review incidents of degraded user experience on your network and see root-cause analysis of the issues and remediation recommendations.
• Data Security: Find high-risk sensitive data and update data profiles to further secure your network. Review the sensitive data flow across your network and SaaS applications.

When the command center surfaces an issue through one of these views that you should address or investigate (an anomaly, a security gap, a degraded user experience, something that impacts the security and health of your network), it provides a path to where you can take actions to further secure your network.

The Panorama web interface now displays the preferred releases and the corresponding base releases of PAN-OS software. Before you upgrade or downgrade Panorama or PAN-OS, you can view the list of preferred and base releases and choose your preferred target PAN-OS release. Preferred releases offer the latest and the most advanced features and ensure stability and performance. When there are no preferred releases available, the corresponding base version is not displayed. If necessary, you can choose to view either preferred releases or base releases.