When a SaaS Security administrator pushes
Security policy rule recommendations to a PAN-OS firewall, the PAN-OS
firewall administrator can import those rules on the firewall to
gain visibility into and control of the applications in the policy
recommendation.
See the SaaS Security Administrator’s Guide for
the SaaS administrator’s policy recommendation and push procedures.
This procedure shows PAN-OS administrators how to import policy
recommendations.
If the SaaS Security administrator
pushes Security profiles with the policy recommendation and those
profiles don’t exist on the firewall, the firewall import fails.
If the profiles already exist on the firewall, the import succeeds.