Created On 09/25/18 19:30 PM - Last Modified 07/19/22 23:11 PM
Resolution
Dear valued Palo Alto Network customer,
To provide better application visibility and control for the ICS/SCADA deployments we will be releasing 29 functional App-IDs for the ICCP protocol with Application and Threat Content version 744.
Q: How does this change affect you ?
If you have ICCP protocol in your environment and have allowed it in policies with the existing ICCP App-ID you do not need to make any changes. Now you will start getting visibility into granular functional controls of the ICCP protocol.
If you are running PAN-OS version 7.1.x or later and have created a custom App-ID for ICCP using the iccp-req-func-code this protocol in your environment then we strongly recommend the following course of action to complete a successful installation of content version 744:
If the custom application for ICCP is already covered by the new ICCP App-IDs then please retire the existing custom applications by deleting them and removing them from security policies before installing content version 744. This will ensure there is no detection related conflicts and that the content installation succeeds.
If the custom application for ICCP is for a function code greater than 29 then please modify the "Parent App" for this custom application to "None" before installing content version 744. Once content version 744 is installed change the "Parent App" to iccp-base.