Application updates provide new and modified application signatures, or App-IDs. This update does not require any additional subscriptions, but it does require a valid maintenance/support contract. New application updates are published only on the third Tuesday of every month, to give you time to prepare any necessary policy updates in advance.

Modifications to App-IDs are released more frequently. While new and modified App-IDs enable the firewall to enforce your security policy with ever-increasing precision, resulting changes in security policy enforcement that can impact application availability. To get the most out of application updates, follow our tips to Manage New and Modified App-IDs.

Includes new and updated application and threat signatures. This update is available if you have a Threat Prevention subscription (in this case, you will get this update instead of the Applications update). New threat updates are published frequently, sometimes several times a week, along with updated App-IDs. New App-IDs are published only on the third Tuesday of every month.

The firewall can retrieve the latest threat and application updates within as little as 30 minutes of availability.

For guidance on how to best enable application and threat updates to ensure both application availability and protection against the latest threats, review the Best Practices for Applications and Threats Content Updates.

The device dictionary is an XML file for firewalls to use in Security policy rules based on Device-ID. It contains entries for various device attributes and is completely refreshed on a regular basis and posted as a new file on the update server. If there are any changes to a dictionary entry, a revised file will be posted on the update server so that Panorama and firewalls will automatically download and install it the next time they check the update server, which they do automatically every two hours.

Contains the vendor-specific information for defining and evaluating host information profile (HIP) data returned by GlobalProtect apps. You must have a GlobalProtect gateway subscription in order to receive these updates. In addition, you must create a schedule for these updates before GlobalProtect will function.

Contains new and updated application signatures to enable Clientless VPN access to common web applications from the GlobalProtect portal. You must have a GlobalProtect subscription to receive these updates. In addition, you must create a schedule for these updates before GlobalProtect Clientless VPN will function. As a best practice, it is recommended to always install the latest content updates for GlobalProtect Clientless VPN.

Provides access to malware and antivirus signatures generated by the WildFire public cloud in real-time. Optionally, you can configure PAN-OS to retrieve WildFire signature update packages instead. You can set the firewall to check for new updates as frequently as every minute to ensure that the firewall retrieves the latest WildFire signatures within a minute of availability. Without the WildFire subscription, you must wait at least 24 hours for the signatures to be provided in the Antivirus update.