Filter

Expand All | Collapse All

Next-Generation Firewall Docs

Getting Started
Administration
Networking
Quick Start
Reference
Incidents & Alerts
Release Notes
Select a Document
- PAN-OS 12.1
- PAN-OS 11.2
- PAN-OS 11.1
- PAN-OS 11.0 (EoL)
- PAN-OS 10.2
- PAN-OS 10.1
- PAN-OS 10.0 (EoL)
- PAN-OS 9.1 (EoL)
- PAN-OS 9.0 (EoL)
- PAN-OS 8.1 (EoL)
Help
Select a Document
- PAN-OS 12.1
- PAN-OS 11.2
- PAN-OS 11.1
- PAN-OS 10.2
- PAN-OS 10.1

Focus

Next-Generation Firewall

New Features in May 2024

Table of Contents

Filter

Expand All | Collapse All

Next-Generation Firewall Docs

Getting Started
Administration
Networking
Quick Start
Reference
Incidents & Alerts
Release Notes
Select a Document
- PAN-OS 12.1
- PAN-OS 11.2
- PAN-OS 11.1
- PAN-OS 11.0 (EoL)
- PAN-OS 10.2
- PAN-OS 10.1
- PAN-OS 10.0 (EoL)
- PAN-OS 9.1 (EoL)
- PAN-OS 9.0 (EoL)
- PAN-OS 8.1 (EoL)
Help
Select a Document
- PAN-OS 12.1
- PAN-OS 11.2
- PAN-OS 11.1
- PAN-OS 10.2
- PAN-OS 10.1

New Features in May 2024

These are the new features introduced in May 2024 for AIOps for NGFW Free, and for AIOps for NGFW Premium.

These are the new features introduced in May 2024 for AIOps for NGFW Free, and for AIOps for NGFW Premium. AIOps for NGFW Premium updates include new features to support Cloud Management for NGFWs.

Strata Cloud Manager: Policy Config Memory Usage Approaching Max Limits Alert

May 16, 2024

Introducing the Config Memory Usage Approaching Max Limits alert that triggers when the policy config memory usage exceeds a certain threshold. Exceeding policy config memory usage may lead to commit failure, dataplane malfunction, and consequently, the device entering non-functional state, causing a business interruption.

Supported on Strata Cloud Manager with AIOps for NGFW Premium license.

Health alerts actively monitor the health and performance of your platform in real-time. This approach helps in identifying issues, predicting potential problems, and implementing remediation actions to ensure your devices function optimally. Here are some key aspects:

Monitoring Metrics: Continuously monitor various metrics from the NGFWs, including CPU utilization, memory usage, disk space, network throughput, and other relevant performance indicators.
Anomaly Detection: Generate alerts that dynamically adjust based on the metric's historical value and your usage trends.
Predictive Analysis: Predict when certain thresholds exceed or when specific events occur by analyzing historical data and patterns. This helps forecast potential issues before they escalate.

Strata Cloud Manager: Config Memory Usage Approaching Max Limits Alert

May 16, 2024

Introducing the Config Memory Usage Approaching Max Limits alert that triggers when the configuration size on the firewall is close to reaching the maximum limit of config memory usage. During the commit process, a dedicated amount of memory is allocated. During Phase 1 and Phase 2 of the commit process, both the current config and the 'to-be-used' config are stored in memory. Exceeding 50% of VSYS Config Allocator Usage can lead to a commit failure due to insufficient config memory. With this alert, you can take remediation action to prevent a commit failure, which can ultimately lead to an HA Failover.

Supported on Strata Cloud Manager with AIOps for NGFW Premium license.

Health alerts actively monitor the health and performance of your platform in real-time. This approach helps in identifying issues, predicting potential problems, and implementing remediation actions to ensure your devices function optimally. Here are some key aspects:

Monitoring Metrics: Continuously monitor various metrics from the NGFWs, including CPU utilization, memory usage, disk space, network throughput, and other relevant performance indicators.
Anomaly Detection: Generate alerts that dynamically adjust based on the metric's historical value and your usage trends.
Predictive Analysis: Predict when certain thresholds exceed or when specific events occur by analyzing historical data and patterns. This helps forecast potential issues before they escalate.

Strata Cloud Manager: ACC Query Failure Alert

May 16, 2024

Introducing the ACC Query Failure alert that detects the failure of the Application Command Center (ACC) query. This failure can impede real-time visibility into network activity, which can compromise the ability to make informed decisions and respond effectively to security incidents.

Supported on Strata Cloud Manager with AIOps for NGFW Premium license.

Health alerts actively monitor the health and performance of your platform in real-time. This approach helps in identifying issues, predicting potential problems, and implementing remediation actions to ensure your devices function optimally. Here are some key aspects:

Monitoring Metrics: Continuously monitor various metrics from the NGFWs, including CPU utilization, memory usage, disk space, network throughput, and other relevant performance indicators.
Anomaly Detection: Generate alerts that dynamically adjust based on the metric's historical value and your usage trends.
Predictive Analysis: Predict when certain thresholds exceed or when specific events occur by analyzing historical data and patterns. This helps forecast potential issues before they escalate.

Strata Cloud Manager: Approaching Max Capacity - URLs or IPs within EDLs Alert

May 16, 2024

Introducing the Approaching Max Capacity alert for URLs or IPs within EDLs alert that triggers when the number of URLs, IPs, or Domains in the External Dynamic Lists (EDLs) used in the firewall policy approaches the maximum capacity supported by the firewall. If the capacity limit is reached, the network could become vulnerable to attacks because the firewall won't detect any additional malicious URLs, IPs, or Domains. To mitigate this risk, remove unnecessary or unused entries from the EDLs to reduce the entries and eliminate vulnerabilities.

Supported on Strata Cloud Manager with AIOps for NGFW Premium license.

Health alerts actively monitor the health and performance of your platform in real-time. This approach helps in identifying issues, predicting potential problems, and implementing remediation actions to ensure your devices function optimally. Here are some key aspects:

Monitoring Metrics: Continuously monitor various metrics from the NGFWs, including CPU utilization, memory usage, disk space, network throughput, and other relevant performance indicators.
Anomaly Detection: Generate alerts that dynamically adjust based on the metric's historical value and your usage trends.
Predictive Analysis: Predict when certain thresholds exceed or when specific events occur by analyzing historical data and patterns. This helps forecast potential issues before they escalate.

Strata Cloud Manager: PAN-OS Integrated User-ID Agent Monitored Server Disconnected Alert

May 9, 2024

Introducing the PAN-OS Integrated User-ID Agent Monitored Server Disconnected alert, which detects when the server, monitored by the PAN-OS integrated User-ID agent (Agentless User-ID), loses connection with the firewall. This monitored server is a critical component for mapping user identities to network activities. The loss of connectivity between the firewall and the monitored server by the PAN-OS integrated user-ID agent results in the loss of real-time user identification data and compromises security monitoring capabilities. This situation poses potential risks to network integrity and access control measures.

Supported on Strata Cloud Manager with AIOps for NGFW Premium license.

Health alerts actively monitor the health and performance of your platform in real-time. This approach helps in identifying issues, predicting potential problems, and implementing remediation actions to ensure your devices function optimally. Here are some key aspects:

Monitoring Metrics: Continuously monitor various metrics from the NGFWs, including CPU utilization, memory usage, disk space, network throughput, and other relevant performance indicators.
Anomaly Detection: Generate alerts that dynamically adjust based on the metric's historical value and your usage trends.
Predictive Analysis: Predict when certain thresholds exceed or when specific events occur by analyzing historical data and patterns. This helps forecast potential issues before they escalate.

AIOps for NGFW: Support for Saudi Arabia Region

May 24, 2024

AIOps for NGFW is now supported in the Saudi Arabia region.

You can now host your AIOps for NGFW instance in this newly available region. In this way, your telemetry and firewall log data is processed by a local AIOps for NGFW instance without the data ever leaving your geographic region. To host AIOps for NGFW in new regions for new customers, select the desired region during the Free or Premium activation process. If you are an existing customer with an AIOps for NGFW instance, it will continue to operate from its original location.