What's New in PAN-OS 10?

Palo Alto Logo

Palo Alto Networks recently announced the release of PAN OS-10, their latest NGFW Firmware releaseThanks to state-of-the-art new features, PAN-OS 10 empowers users to stay ahead of threats, increase their visibility, and automate policies to reduce human error. 

Here are the most innovative ways PAN OS-10 is empowering users.  

Leveraging Machine Learning 

With machine learning powering many key features, PAN-OS 10 drastically reduces the amount of manual time spent configuring your firewall, setting rules, and creating parameters. PAN-OS 10 leverages machine learning to: 

  • Automate IoT Security: Leveraging AI and machine learning, PAN-OS 10 can accurately gauge what devices are trying to do, automatically creating rules and updating them as it learns more about the device activity. 
  • Generate Device-IDs: Machine learning determines metadata about a given device and creates a unique Device-ID based on the dynamically learned behavior. Rules can then be set based on the Device-IDs. 
  • Filter URLs: Leveraging inline machine learning, webpage content is analyzed to determine if it contains malicious components. 
  • Enhance GlobalProtect: PAN-OS 10 leverages the machine learning created Device-IDs to identify and quarantine compromised devices. 
  • Increased WildFire Capabilities: Machine learning now helps dynamically detect malicious files in portable executable PowerShell scripts. 

Significant Enhancements to Previous Functionality

In addition to introducing new technology, the PAN-OS 10 update also rolled out improvements and enhancements to existing functionality. These include: 

  • Visibility on Custom Threat Names: You can create custom Thread IDs on Panorama on a per-device group level, generating a threat log with custom data.  
  • External Dynamic List Log Fields: Now you can more easily identify when your traffic matches an EDL via new log fields. This allows you to easily determine if your EDLs are functioning as planned.  
  • Master Key Encryption Enhancement: A new encryption algorithm (AES-256-GCM) allows you to configure master key encryption for data like keys and passwords.  
  • IP Range and Subnet Support in Dynamic Address Groups: When you add a new device to your network as part of an already-tagged IP set, the firewall applies security policies automatically.  
  • X-Forwarded-For HTTP Header Data Support in Policy: Your firewall can now read XFF fields and use that data to enforce security policies.   
  • WildFire Real-Time Signature Updates: Access signatures as they’re created, to minimize security gaps. 

Advanced Network Capabilities

PAN-OS 10 also provides end users with some of the most advanced network capabilities found in firewalls in the market today. Some of the enhanced capabilities include: 

  • HA Clustering: You can now synchronize session states among firewalls in a HA cluster of up to 16 firewalls. In the case of one firewall going down, sessions are automatically re-routed to another firewall in the cluster. 
  • Advanced Route Engine: Allow your firewall to scale while maintaining high performance. This is ideal for large data centers, enterprises, and cloud users.  
  • IPv6 Address Support for the WildFire Appliance: WildFire added support for IPv6 s to enhance the capabilities of leveraging local file analysis. 
  • Cellular Network Features: Network Slice Security, Equipment ID Security, and Subscriber ID Security are now all supported and enhanced within a 5G network.  

New Panorama Features

Panorama now empowers users to manage policies and devices like never before, with the addition of these new features: 

  • Automatic Content Updates through Offline Panorama: Automatically download content updates when your appliances and applications are not connected to the internet.   
  • Syslog Forwarding At Layer 2: Optimize management operations by forwarding logs over an Ethernet interface, which prevents loss of logs and reduces management load.   
  • Access Domain Enhancements for Multi-Tenancy: Device Group and Template admins can now view the configuration and systems logs for devices within their access domain.   


Virtualization features are another way PAN-OS-10 is allowing end users to be forward-thinking and innovative with their firewalls. Two new virtualization features include: 

  • Automatic Site License Activation on the PAYG VM-Series Firewalls: PAYG subscribers can unlock enterprise-wide licenses for AutoFocus or Cortex Data Lake via device certificate.  
  • CN-Series Firewalls for Securing Kubernetes Deployments: Provision security for containerized applications across multiple Kubernetes environments with the CN-Series firewalls.   

The team at Vandis has extensive experience with architecting, deploying, managing, and upgrading Palo Alto Networks NGFWs in organizations across numerous industries. To get started with a free consultation, call 516-281-2200 or email info@vandis.com. 

For a full list of new features and updates, you can view the PAN-OS 10 Release Notes here.