Created On 09/25/18 17:30 PM - Last Updated 02/07/19 23:54 PM
This document shows how to manage content updates by frequency, day and time, and type of update.
To view new content, go to Device > Dynamic Updates. From there, the following functions may be performed:
Click Check Now to view the latest threat and application updates available from Palo Alto Networks.
Click Release Notes to view a description of an update. The recommendation is to always review the release notes.
Click Download next to an update to install it. When the download is complete, a checkmark is displayed in the Downloaded column.
Click Install next to an update to install the downloaded content update.
With a few exceptions, new content is updated weekly and posted for download late Tuesday evenings Pacific Time. Despite extensive quality assurance testing, Palo Alto Networks may become aware of an error in software released to the public. In the event of a critical "first day" issue the problem content will either be pulled or superseded with a new release. Typically, the issue is found and acted upon within the first 24 hours after release. Due to varying degrees of customer prioritization (that is, the latest content vs. proven stability) and policy, some customers choose to apply the latest content immediately upon availability. Other customers choose to delay applying the latest changes for a while.
Palo Alto Networks provides the configuration flexibility to accommodate customer policy.
For example: Each update can be manually downloaded and installed as outlined above or scheduled automatically:
To schedule the update for later, click Schedule.
Specify the frequency and timing of the updates and whether the update will be downloaded and installed or only downloaded.
If Download Only is selected, the downloaded update can be installed by clicking the Upgrade link on the Dynamic Updates page. When OK is clicked, the update is scheduled. Additionally, there is an option to delay the Action taken by setting a Threshold dictating how old the new content must be before either action takes place.
We recommend scheduling content for Daily Recurrence with an action of Download and Install and a Threshold in accordance with the risk-versus-benefit tolerance of the site. Daily recurrence allows the opportunity to download any new off-schedule releases for critical bug fixes or filtering updates. Download and install prevents having to manually interact with the system. The threshold can be left blank for immediate action, if the site is more concerned with speed of updates versus potential risk from bugs. Sites wanting to update only once a week can set the following: