The NGFW management plane now
supports the HTTP/2 network protocol, in
addition to the currently supported HTTP/1.1 network protocol. HTTP/2 enables more
efficient web communication by utilizing features like multiplexing, header
compression, server push functionality, and prioritization support, leading to
improved page load times and overall performance. When you manually enable HTTP/2
through the CLI, HTTP/1.1 is automatically disabled and includes no fallback
capability. The lack of fallback capability is to maintain compliance with certain
security safeguards (for example, to protect against request smuggling, response
queue poisoning, other HTTP/1.1 downgrade-related risks, and mandated encryption
through TLS), as well as various Federal standards. As such, you may need to specify
which protocol to use in environments with compatibility issues or if there are
security concerns requiring specific mitigation strategies.