CN-Series is now qualified with support for User Identity (User-ID) in the Kubernetes as CNF mode. User-ID helps to leverage user information and provides improved visibility into application usage. User-ID also helps with policy control and reduced attack surface by providing need-based user access and gives a complete picture of the security incident through logging, reporting, and forensics. For more information, see User-ID.

CN-Series firewall now supports real-time Advanced Threat Prevention (ATP) for detecting malware and zero-day vulnerability exploits using the advanced ML engines in the cloud.The CN-Series ATP is delivered as a containerized solution for high scalability and low-latency cloud-native service. The ATP feature is supported on PAN-OS 11.0 and later releases and all CN-Series deployment modes: Deploying CN-Series firewall as a Kubernetes service, Daemonset, and a Kubernetes CNF. For the ATP feature, you need the Advanced Threat Prevention licenses and enable the Inline Cloud Analysis. To enable the CN-Series ATP feature, you can use the YAML files from the Palo Alto Networks CSP for deploying the containerized firewall pods or enable the ATP feature while configuring the CN-Series deployment on the Customer Service Portal (CSP).