Focus
Focus
Table of Contents

Install

Install critical bug and Common Vulnerability and Exposure (CVE) fixes when your Next-Gen firewalls has outbound internet access.
  1. Select DeviceSoftware and Check Now to retrieve the latest PAN-OS software patches from the Palo Alto Networks Update Server.
  2. Check (enable) Include Patch to display all available PAN-OS software patches.
  3. Locate the software patch for the PAN-OS release currently installed on your Next-Gen firewall.
    A software patch is denoted by a Patch label displayed alongside the Version name.
  4. View More Info to review the software patch details such as the critical bug and CVE fixes and whether the Next-Gen firewall needs to be restarted for the fixes to be applied.
  5. Download the software patch.
    (HA only) Check (enable) Sync to HA Peer and Continue Download to download the PAN-OS software patch.
    Click Close after the software patch successfully downloaded.
  6. Install the software patch.
    After the software patch has successfully installed, click Close.
  7. Apply the software patch.
    Click Apply when prompted to confirm you want to apply the installed PAN-OS software patch to the Next-Gen firewall.
    A status bar is displayed showing the current progress of the PAN-OS software patch application. Click Close after the patch is successfully applied.
    At this point, the firewall automatically reboots if a reboot is required to complete applying the PAN-OS software patch to the Next-Gen firewall.
  8. (HA only) Install the PAN-OS software patch on the firewall HA peer.
    1. Select DeviceSoftware Check Now.
    2. Install the software patch.
    3. Reboot the firewall if required.