如何禁用内容的预定更新 CLI
11454
Created On 05/06/20 14:36 PM - Last Modified 03/26/21 16:15 PM
Objective
管理 firewall 端口无法访问互联网,本地管理员无法访问 firewall 使用 WebUI 的情况。 如果防病毒应用和威胁的自动内容更新 Wildfire 已启用, firewall 即使没有 Internet 连接,也会尝试连接到更新服务器。 这将为每次失败的尝试生成系统日志条目,因此没有必要。 如果您仍然可以访问控制台端口,则可以禁用预定的更新 CLI 。
Environment
- 任何帕洛阿尔托 Firewall
- PAN-OS 8.1, 9.0, 9.1
Procedure
要禁用内容更新 CLI ,请运行以下命令以禁用所需的更新并验证结果。 这将停止不需要的系统日志条目。
> configure
# delete deviceconfig system update-schedule anti-virus //schedule for anti-virus deleted
# delete deviceconfig system update-schedule threat //schedule for threat deleted
# delete deviceconfig system update-schedule url-database //schedule for url-database deleted
# delete deviceconfig system update-schedule wf-private //schedule for wf-private deleted
# delete deviceconfig system update-schedule wildfire //schedule for wildfire deleted
# commit
# show deviceconfig system update-schedule //This command is to recheck the schedule.
# exit