Expanded Data Collection for DNS Security Improvements
Table of Contents
10.0 (EoL)
Expand all | Collapse all
-
- Automatic Content Updates Through Offline Panorama
- Enhanced Authentication for Dedicated Log Collectors and WildFire Appliances
- Syslog Forwarding Using Ethernet Interfaces
- Increased Configuration Size for Panorama
- Access Domain Enhancements for Multi-Tenancy
- Enhanced Performance for Panorama Query and Reporting
- Log Query Debugging
- Configurable Key Limits in Scheduled Reports
- Multiple Plugin Support for Panorama
End-of-Life (EoL)
Expanded Data Collection for DNS Security Improvements
The DNS Security service collects
additional server response and request information from the firewall
when performing domain queries. The firewall forwards the DNS data
in less than 30 seconds after collection and batching does not impact
firewall performance. In cases where the firewall is experiencing
a high load, DNS data collection scales down as needed to maintain
expected performance levels. Palo Alto Networks uses this data to
provide more accurate domain information (such as provider ASN,
hosting information, and geolocation identification) to generate
improved analytics, DNS detection, and prevention capabilities.
DNS expanded data collection is bypassed for domains added
to the Allow list in DNS Exceptions.