HSM clients are integrated with PA-3200 Series,
PA-5000 Series, PA-5200 Series, PA-7000 Series, and VM-Series firewalls
and with the Panorama management server (both virtual and M-Series
appliances) for use with the following HSM vendors:
—PAN-OS 8.1 supports nCipher nShield client version
12.30. PAN-OS 8.0 and earlier releases support client version 11.62,
—The supported client versions depend on
the PAN-OS release:
PAN-OS 8.1—SafeNet Network client
versions 5.4.2 and 6.2.2.
PAN-OS 8.0.2 and later PAN-OS 8.0 releases (also PAN-OS 7.1.10
and later PAN-OS 7.1 releases)—SafeNet Network client versions 5.2.1,
5.4.2, and 6.2.2.
The HSM server version
must be compatible with these client versions. Refer to the HSM
vendor documentation for the client-server version compatibility
matrix. On the firewall or Panorama, use the following procedure
to select the SafeNet Network client version that is compatible
with your SafeNet HSM server.
Downgrading HSM servers
might not be an option after you upgrade them.