HTTP/2 Network Support
Focus
Focus
What's New in the NetSec Platform

HTTP/2 Network Support

Table of Contents

HTTP/2 Network Support

NGFWs running PAN-OS 11.2.8 or later and PAN-OS 12.1.2 or later now support the HTTP/2 network protocol.
August 28, 2025
  • Additional support added for firewalls in PAN-OS 12.1.2
August 21, 2025
  • Introduced for firewalls in PAN-OS 11.2.8
The NGFW management plane now supports the HTTP/2 network protocol, in addition to the currently supported HTTP/1.1 network protocol. HTTP/2 enables more efficient web communication by utilizing features like multiplexing, header compression, server push functionality, and prioritization support, leading to improved page load times and overall performance. When you manually enable HTTP/2 through the CLI, HTTP/1.1 is automatically disabled and includes no fallback capability. The lack of fallback capability is to maintain compliance with certain security safeguards (for example, to protect against request smuggling, response queue poisoning, other HTTP/1.1 downgrade-related risks, and mandated encryption through TLS), as well as various Federal standards. As such, you may need to specify which protocol to use in environments with compatibility issues or if there are security concerns requiring specific mitigation strategies.