Firewall and PAN-OS Support of IoT Security

IoT Security support varies by firewall model and PAN-OS version.
For Palo Alto Networks next-generation firewalls running PAN-OS 8.1, PAN-OS 9.0, or PAN-OS 9.1, the IoT Security solution provides visibility of discovered IoT devices based on the logs it receives from the firewall. IoT Security also uses machine learning (ML) to identify vulnerabilities and assess risk in devices based on their network traffic behaviors and dynamically updated threat feeds. Firewalls running these PAN-OS versions also support manually importing the policy rule recommendations that IoT Security generates.
Firewalls running PAN-OS 10.0 or later automate policy enforcement through the Device-ID™ framework. This is a mechanism that identifies devices by attributes such as device type, vendor, model, or operating system and then applies device-based policy rules to those with matching attributes.
All Palo Alto Networks next-generation firewalls running PAN-OS 10.0 or later fully support IoT Security with the following exceptions.
IoT device visibility and the manual application of policy recommendations but not Device-ID
  • PA-200 with PAN-OS 8.1
  • PA-500 with PAN-OS 8.1
  • PA-3020 with PAN-OS 8.1, PAN-OS 9.0, or PAN-OS 9.1
  • PA-3050 with PAN-OS 8.1, PAN-OS 9.0, or PAN-OS 9.1
  • PA-3060 with PAN-OS 8.1, PAN-OS 9.0, or PAN-OS 9.1
  • PA-5020 with PAN-OS 8.1
  • PA-5050 with PAN-OS 8.1
  • PA-5060 with PAN-OS 8.1
No IoT Security support
  • VM-50
  • VM-200
  • CN Series
  • Software Next-Generation Firewall Credits

Recommended For You