Panorama Plugins Upgrade/Downgrade Considerations
Upgrade/downgrade considerations for Panorama plugins.
The following table lists the new features that have
upgrade or downgrade impact. Make sure you understand fall upgrade/downgrade
considerations before you upgrade to or downgrade from a PAN-OS
10.2 release. For additional information about PAN-OS 10.2 releases,
refer to the PAN-OS 10.2 Release Notes.
Feature | Upgrade Considerations | Downgrade Considerations |
---|---|---|
Panorama Plugins
| Before you upgrade to PAN-OS 10.2, you must download
the Panorama plugin version supported on PAN-OS 10.2 for all plugins
installed on Panorama. This is required to successfully upgrade
to PAN-OS 10.2. See the list of Compatible Plugin Versions for
PAN-OS 10.2 for more information. | To downgrade from PAN-OS
10.2, you must download the Panorama plugin version supported on
PAN-OS 10.1 and earlier releases for all plugins installed on Panorama. See
the Panorama Plugins Compatibility
Matrix for more information. |
( Enterprise DLP ) After upgrading Panorama
to PAN-OS 10.2, you must install Application and Threats content
release version 8520 on all managed firewalls
running PAN-OS 10.2 or earlier release. This is required to successfully
push configuration changes to managed firewalls leveraging Enterprise
DLP that you did not upgrade to PAN-OS 10.2. | ||
( Enterprise DLP ) Loading a Panorama configuration
backup that does contain the Shared Enterprise DLP configuration
deletes the shared App exclusion filter required to scan non-file
based traffic. | ||
( SD-WAN ) Panorama plugin for SD-WAN
2.2 and earlier releases are not supported in PAN-OS 10.2.Upgrading
a Panorama management server to PAN-OS 10.2 when the Panorama plugin for
SD-WAN 2.2 or earlier release is installed causes the SD-WAN plugin
to be hidden in the Panorama web interface or causes the SD-WAN
configuration to be deleted. In both cases, you are unable to install
a new SD-WAN plugin version or uninstall the SD-WAN plugin. | ||
PAN-OS SD-WAN | After successful upgrade of Panorama to
PAN-OS 10.2 and the Panorama plugin from SD-WAN version 2.0.0 to SD-WAN
version 3.0, you must clear the SD-WAN cache on Panorama for existing
SD-WAN deployments only. Clearing the SD-WAN cache does not
delete any existing SD-WAN configuration but deletes the IP address, tunnel,
and gateway naming conventions for the new format introduced in
Panorama plugin for SD-WAN version 3.0. For new deployments
of SD-WAN, you do not need to clear the SD-WAN cache on Panorama
if you install the Panorama plugin for SD-WAN version 3.0 on Panorama
after you upgrade to PAN-OS 10.2.
| None. |
Recommended For You
Recommended Videos
Recommended videos not found.