Palo Alto Networks | Palo Alto Networks Global Customer Services Support | Resource Guide 1
Palo Alto Networks
Global Customer Services
Support Resource Guide
2Palo Alto Networks Global Customer Services Support | Resource Guide
Contact Information
Corporate Headquarters:
Palo Alto Networks
3000 Tannery Way
Santa Clara, CA 95054
www.paloaltonetworks.com/company/contact-support
About the Documentation
• For the most recent version of this guide or for access to related documentation, visit the
Technical Documentation portal www.paloaltonetworks.com/documentation.
• To search for a specic topic, go to our search page www.paloaltonetworks.com/
documentation/document-search.html.
• Have feedback or questions for us? Leave a comment on any page in the portal, or write to us at
Copyright
Palo Alto Networks, Inc. www.paloaltonetworks.com © 2020 Palo Alto Networks, Inc. Palo Alto
Networks is a registered trademark of Palo Alto Networks. A list of our trademarks can be found at
www.paloaltonetworks.com/company/trademarks.html. All other marks mentioned herein may be
trademarks of their respective companies.
Last Revised
May 2020
3Palo Alto Networks Global Customer Services Support | Resource Guide
Dear Palo Alto Networks Customer,
Thank you! We greatly appreciate you entrusting Palo Alto Networks to secure and protect your
business. Your organization counts on you—the cyber defender—to ensure the total protection
and safety of your digital assets. Our intent is to be your cybersecurity partner of choice. Your
protection is our priority.
Our commitment to your success is unwavering as we strive to deliver an exceptional customer
experience for you. The Global Customer Services (GCS) organization and Authorized Support
Centers are here to ensure maximum uptime and streamlined operations.
We oer a number of support services to optimize your Palo Alto Networks implementation
and operation to ensure complete security. There are numerous enhancements to our support
systems that make it easier for you to quickly and eciently nd the answers you are searching
for, including:
• LIVEcommunity—a peer-to-peer online community of intelligent and collaborative net-
work security and IT professionals working to address similar challenges together. Improve-
ments to our search capabilities include the use of articial intelligence to produce the most
relevant results—enabling you to nd answers fast.
• Improved resources, such as Knowledge Base, TechDocs, and the Customer Support Portal, to
help answer your questions and solve your issues promptly.
• Platinum Support—a new support oering for your convenience. Platinum Support is a
top-tier support oering that provides you with the expertise you need, exactly when you
need it, to keep your business safe and secure. Platinum Support provides the fastest response
times with a dedicated team of senior engineers to resolve any support issues.
• Finally, we’ve been recognized by TSIA and J.D. Power for the fth consecutive year for pro-
viding “An Outstanding Customer Service Experience” with our Assisted Technical Support.
Please use this resource guide to help better acquaint yourself with the array of support services
that are available to you. Remember, we are here to help you protect your business and to solve
your cybersecurity challenges.
Sincerely,
Patty Hatter
SVP, Global Customer Services
Palo Alto Networks
4Palo Alto Networks Global Customer Services Support | Resource Guide
Table of Contents
1. Overview of Support Resources . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
1.1 Self-Service Tools . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
1.2 Technical Support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
1.3 Customer Service . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .5
1.4 Hardware Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
2. Support Plan. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .5
2.1 Case Response SLA . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .6
2.2 Target Follow-Up Times. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .7
2.3 Case Severity Guidelines . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
3. Technical Case Workow. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .7
3.1 How to Open a Case . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
3.2 Case Owner Responsibilities. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .7
3.3 Requesting an Event . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .7
3.4 Case Resolution Process . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
3.5 Customer Best Practices for Engaging Support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
3.6 Software Defect Case Resolution Process . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8
4. Access Support Resources . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8
4.1 Customer Support Portal Login . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8
4.2 Open a Non-Critical Case. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .8
4.3 Open a Critical Case . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8
4.4 Update Case . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8
4.5 Increase Case Severity. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9
4.6 Report a Software Defect (Bug). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9
4.7 Request RMA. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9
4.8 Report a Beta Release Issue . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
4.9 Request a Feature Enhancement . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9
4.10 Reopen a Closed Case . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
5. Return Materials Authorization (RMA) Workow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9
5.1 Request an RMA. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9
5.2 RMA Delivery Times . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
5.3 RMA License Transfers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
5.4 Returning the Defective Platform/Part. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
5.5 Failure Analysis Reports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
6. Security Vulnerability Workow. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
6.1 Denition of a Security Vulnerability . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
6.2 How to Report a Security Vulnerability. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
6.3 Acknowledgement and Analysis of a Vulnerability Report . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
6.4 Fix or Corrective Action. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
6.5 Notication of Product Security Information and Software Updates . . . . . . . . . . . . . . . . . . . . . . . . 11
6.6 Publication of Security Advisories . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
6.7 Security Assurance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
7. End of Life Announcements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
8. Appendix A: Quick Reference to Support Resources . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
8.1 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
8.2 Online Self-Help . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
8.3 How to Open a Case . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
5
1. Overview of Support Resources
Palo Alto Networks Support provides timely access to the
expertise needed to protect your business. Digital resourc-
es such as Knowledge Base, LIVEcommunity, Beacon,
TechDocs, and other self-service tools are available 24/7,
year-round.
The Global Customer Support teams, comprising Technical
Support, Customer Service, and Hardware Services, provide
around-the-clock web or phone support for customers with
valid entitlements.
1.1 Self-Service Tools
We encourage you to use our self-service tools to help you
quickly and eciently nd answers to your questions.
• Knowledge Base—knowledge-centered support to answer
questions and resolve issues.
• LIVEcommunity—where authorized users can connect,
share, and learn with other cybersecurity professionals
through posts, blogs, and discussions.
• Beacon—one-stop education portal that gathers all Palo
Alto Networks resources in one location.
• TechDocs—technical guides to all products, Best Practices,
and resources, such as Release Notes and Compatibility
Matrix.
• Day 1 Conguration—templates to build a baseline con-
guration based on best practices.
• Applipedia—application database used along with
App-ID™ technology to identify applications traveling
through your Palo Alto Networks Next-Generation Firewall.
• Security Advisories—lists all security vulnerabilities
identied in currently supported Palo Alto Networks
products.
• Threat Vault—enables authorized users to research the
latest threats (vulnerabilities/exploits, viruses, and spy-
ware) that Palo Alto Networks Next-Generation Firewalls
can detect and prevent.
• URL Filtering Categorization—test URL ltering categories.
• Updates—software and dynamic (content) updates are
available to authorized users in the Updates section of the
Customer Support Portal (CSP).
1.2 Technical Support
Technical support for Palo Alto Networks products is avail-
able 24/7, year-round by web or phone for customers with
Platinum and Premium Support. Standard Support is
available during business hours. Customers with
Premium Partner Support will open cases through their
Authorized Support Center (ASC).
Technical Support handles:
• Technical break/fix and how-to issues
• Product software or feature problems (bugs)
• Defective returns (return merchandize authorization or
RMAs)
To engage Technical Support, select Tech Support in the
Type eld when creating a web case or when prompted by
the automated phone system.
1.3 Customer Service
Customer Service assists with non-technical administrative
cases 24/7, year-round, including:
• Login Assistance for the Customer Support Portal
• Password resets and email address changes
• Product registration and license activation
• License management (expiration dates, grace period,
bundles)
• Product and license transfers
Select Admin in the Type eld when creating a web case or
when prompted by the automated phone system. (Note:
Select Tech Support for product login administration
issues.)
1.4 Hardware Services
Technical Support determines if a product is defective and
will assign a subcase to the Hardware Services team for the
logistics follow up. Hardware Services will:
• Obtain the delivery address.
• Verify trade compliance for international deliveries.
• Submit an RMA to logistics provider.
• Provide delivery updates.
To report defective hardware, select Tech Support in the
Type eld when creating a web case or when prompted by
the automated phone system.
2. Support Plan
With business-critical customer support options and 24/7
availability, as well as a global network of support centers
and parts-replacement depots, Palo Alto Networks provides
a range of support and maintenance options designed to
meet all business needs:
• Standard Support
• Premium Support
• Platinum Support
• Focused Services
• On-Site Spares Hardware Program
Palo Alto Networks Global Customer Services Support | Resource Guide
6
2.1 Case Response SLA
Palo Alto Networks Global Customer Services Support | Resource Guide
Figure 1: Service-level agreements for case response
Required Support Tiers
(Asset)
Optional Focused Services
(Account)
Premium Platinum Focused
Focused
PLUS
Focused
ELITE
Technical
Support
Telephone support
24/7 24/7
Response time (critical issue)
1 hour 15 minutes
Support specialist type
Support
Engineer
Senior
Engineer
Support
Engineer
Designated
Engineer
Designated
Engineers
RMA
NBD | 4 hours NBD | 4 hours
Security
Assurance*
Assisted security investigations
• •
Advanced log & IOC analysis
• •
Recommended next steps
• •
Expert
Assistance
Planned event support
• •
On-site assistance (critical issue)
• •
Failure analysis (HW)
• •
Personalized
Experience
(Focused
Services)
Designated SAM
• • •
Case Management/Escalation
• • •
Weekly Reviews (Cases, Planning)
• • •
Root Cause Analysis ( HW + SW)
• • •
Best Practice Reviews
• • •
FCS Services Webinars
• • •
Proactive Threat Notifications
• • •
Release Reviews
• • •
Designated Engineers
•
24/7
Tailored Release Strategy
• •
Access to engineering
• •
Proactive Performance Sweep
1 2
SecOps Optimization Service
1 2
Customer
Surround
Designated Service Delivery Leader
(Tier 3) (Tier 2 and 3)
Orchestrate all services delivered
• •
Coordinate all designated resources
• •
Report activities and milestone
• •
Continuous develop services strategy
• •
7
2.2 Target Follow-Up Times
• Severity 1—Critical: Every 4 hours until resolved or a
workaround is in place.
• Severity 2—High: Every business day.
• Severity 3—Every 3 business days until resolved.
• Severity 4—Low: Once per business week until resolved.
2.3 Case Severity Guidelines
• Severity 1—Critical: Product or mission critical feature is
down and critically aecting the customer production en-
vironment. No workaround is available.
• Severity 2—High: Product is impaired and customer pro-
duction is up but impacted. No workaround yet available.
• Severity 3—Medium: A product function has failed and
customer production is not aected. Support is aware of the
issue and there is a workaround available.
• Severity 4—Low: Product function is not impaired and has
no impact on customer business. Includes feature func-
tionality and conguration questions, information, and
documentation how-tos and enhancement requests.
Recommended for critical cases: Create a web case through
the CSP and set the severity as critical. If you would like to
speak with the case owner, call Support and enter the case
number into the automated system. To see the service level
agreement for each case severity, see table 1 in section 4.5.
3. Technical Case Workflow
When a case is opened, a Technical Support Engineer will re-
view the issue and data presented. The engineer will update
the case either via Case Comments or call the customer at the
phone number provided when opening the case.
If a live troubleshooting call is required, the TAC engineer will
coordinate with the customer at an appropriate time.
3.1 How to Open a Case
Web cases may be created by authorized users from the Cus-
tomer Support Portal (CSP) or through LIVEcommunity for
technical (Tech Support) and non-technical (Admin) issues.
These options are available to customers with Platinum, Pre-
mium, or Standard Support. Customers with Premium Partner
Support will contact their Authorized Support Center.
CSP: https://support.paloaltonetworks.com > Support Cases
LIVEcommunity: https://live.paloaltonetworks.com
> Create
a Support Case
Knowledge Base articles will be suggested throughout the
case creation process based on subject and description.
Recommended for critical cases: Create a web case through
the CSP. Set the severity as critical. If you would like to speak
with the case owner, call Support and enter the case number
into the automated system.
If unable to create a login or access the Support Cases sec-
tion of the CSP, request Login Assistance. If unable to locate
the product serial number, select the option to have Customer
Service submit the technical case. Customer Service will then
Palo Alto Networks Global Customer Services Support | Resource Guide
investigate and resolve the issue with the serial number.
New cases are not accepted via email, but once a case is creat-
ed, email may be used to view and reply to case updates.
3.2 Case Owner Responsibilities
Once a support case is opened with Palo Alto Networks TAC,
depending upon product technology and service entitlements,
the case is routed to an appropriate engineer. The engineer is
responsible for the following:
• Take ownership of the Palo Alto Networks Support Case.
• Provide an Initial Response within SLA and perform trouble-
shooting, diagnostics or undertake any remediation steps.
• TAC will document all activity in Case Comments and pro-
vide updates as per the committed follow-up times based
on Case Severity.
• Engage additional resources as needed to address issues.
• Follow up and close the Support Case upon conrmation
from Customer.
3.3 Requesting an Event
An event is a scheduled session with a support engineer where
all parties will join a bridge at a predetermined time to con-
duct whatever troubleshooting or maintenance has been
agreed upon.
An event may be requested for:
• Failed upgrade attempts
• Maintenance windows associated to a support case with an
existing technical issue
• Troubleshooting session to resolve an ongoing technical issue
If requesting a Support Event, review the Support Event
Guidelines: When to request a Support Event.
The Customer Support Program Summary explains which
entitlements include Planned Event assistance.
3.4 Case Resolution Process
Palo Alto Networks Support engineers will take ownership of
the support case and work toward providing a resolution. If a
resolution cannot be provided, the Support engineer will make
best eort to provide a workaround or share mitigation plan.
Support engineer may perform any or all of the following steps:
• Review network topology, rewall conguration, and ana-
lyze logs to provide next steps or debug issue.
• Perform live troubleshooting on customer device or repli-
cate issue in a Palo Alto Networks lab.
• If the issue is determined to be hardware failure, proceed
with an RMA.
• If the issue is determined to be Software Defect, raise an is-
sue report with Engineering.
• Guide customer to correct resource if issue falls outside
scope of Support.
3.5 Customer Best Practices for Engaging Support
We understand your business needs to resolve Support is-
sues in a timely manner. To help provide you quality support
8
experience and resolve your issues quickly, we encourage
our customers to follow the best practices when engaging
with Palo Alto Networks Support:
• Search for help online. See Section 1.1 for self-help tools.
• If you do choose to open a web case, check the articles of-
fered as you enter the subject and description to see if they
will resolve the issue.
• Submit one problem per case. Fill in all fields to the
best of your knowledge. Provide a brief summary and
detailed description of the issue with as much
information as possible.
• Set the appropriate severity of the support case. Raise or
lower the severity through the case online through the CSP
if the situation changes.
• For faster resolution, upload all relevant support files and
logs to the case when opening it.
• Note the case owner’s working hours in the response
email signature. If you need immediate attention outside
your assigned engineer’s working hours, call Support.
• Update a case via the email generated each time a comment
is made, online through Case Comments or call Support for
urgent issues. There is no option to email Support directly.
• If you are unable to log in or create a case, request assistance.
• During Case Creation we may ask you to provide addition-
al information for certain product types. We strongly en-
courage you to spend a few more minutes and answer these
questions as they help to speed up the resolution time.
3.6 Software Defect Case Resolution Process
During the course of investigation of a Support Issue, if we
determine the issue is due to a software failure, the assigned
Support case engineer will follow the process below:
• Open an issue report with Palo Alto Networks engineering
team.
• Share Issue Report ID with the customer and provide up-
dates on resolution status.
• Share with the customer any available workarounds or
mitigation steps in the interim.
• Once a x is identied and we have a targeted software re-
lease version, we will share the release info and estimated
time for the x.
4. Access Support Resources
4.1 Customer Support Portal Login
Create a Customer Support Portal (CSP) account and user
login to securely access Support resources. Once the CSP ac-
count is created, you’ll be able to register products and auth
codes. Among other features oered on the portal, you’ll be
able to manage memberships, run the Day 1 Conguration
tool, connect to knowledge resources, and log Support cases
Palo Alto Networks Global Customer Services Support | Resource Guide
for products with valid Platinum, Premium, or Standard
support.
4.2 Open a Non-Critical Case
Support cases may be created by authorized users from the
CSP or through LIVEcommunity for technical (Tech Sup-
port) and non-technical (Admin) issues. These options are
available to customers with Platinum, Premium, or Standard
Support. Customers with Premium Partner Support will con-
tact their Authorized Support Center (ASC).
Be sure case Subject and Description are complete and pro-
vide a clear explanation of the issue, including:
• Serial number of the product or auth code
• Cluster peer if HA
• Date and time of the issue (if possible)
• Explain changes made to the network or any new trac
introduced
• Products in question upgraded or downgraded
• Any logs, screenshots, or ACC output that can help further
analyze the issue
• Upload relevant product support les
Knowledge articles which may resolve your issue will be
suggested throughout the case creation process based on
subject and description.
If unable to create a login or access Support Cases, request
Login Assistance. If a serial number is not found when cre-
ating a case, select the option to have Customer Service cre-
ate and route the technical case. The team will then inves-
tigate and resolve the issue with the missing serial number.
New cases are not accepted via email, but once a case is cre-
ated, email may be used to view and reply to case updates.
4.3 Open a Critical Case
• Open a web case through the CSP as described above and
set the severity as Critical. Conrm that the product is
down and critically aecting a production environment
with no workaround available.
• Call Support if more immediate attention is needed and
enter the case number in the automated system.
We will work the issue around the clock until a resolution or
workaround is available. If we are unable to contact you, the
severity of the case will be lowered.
4.4 Update Case
Update an existing case by replying to the email generat-
ed when a new comment is entered or by logging in to the
Support Portal, selecting Support Cases, and ltering by My
Cases, My Company’s Cases, or entering the case serial num-
ber. Enter the comment and click the Post Comment button.
Call Support for urgent updates. Enter the case number when
prompted by the phone system, and your case will be routed
to the assigned case owner or the next available engineer.
9
4.5 Increase Case Severity
The table below provides case response SLAs. More detailed
information can be found in Section 2.
Table 1: Service-Level Agreements for Case Response
Severity
First Response
(Standard/
Premium/
Focused Services)
Follow-Up
Response
Platinum
Support First
Response SLAs
Critical
< 1 Hour Every 4
hours
< 15 Minutes
High
< 2 Business
Hours
1 Business
Day
< 30 Minutes
Medium
< 4 Business
Hours
3 Business
Days
< 2 Hours
Low
< 8 Business
Hours
Once per
Business
Week
< 4 Hours
Severity Denitions
• Severity 1—Critical: Product is down and critically aects
customer production environment. No workaround yet
available.
• Severity 2—High: Product is impaired and customer pro-
duction is up but impacted. No workaround yet available.
• Severity 3—Medium: A product function has failed and
customer production is not aected. Support is aware of the
issue and there is a workaround available.
• Severity 4—Low: Product function is not impaired and has
no impact on customer business. Includes feature, infor-
mation, documentation, how-to, and enhancement re-
quests from the customer.
If the impact of the issue has increased since initially reported,
increase the severity online. The system will generate a notica-
tion to the case owner or available team member.
If the issue has become critical, update the case online and call
Support if you want to speak to an engineer. Once the case num-
ber is entered in the system, the call will route to the assigned
case owner or next available team member.
If you are not satised with the progress of a case, then call
Support and ask to speak with a Duty Manager.
If still not satised with the results, contact your Palo Alto
Networks Systems Engineer and request a case escalation.
4.6 Report a Software Defect (Bug)
Open a technical support case to conrm a software defect. Pro-
viding the additional details below will lead to a faster resolution:
• Detailed problem description
• If any upgrades/downgrades were performed, including
release versions
• How the issue is observed (if under specic circumstances/
trac patterns)
• Any logs, screenshots, or ACC output that can help further
analyze the issue
• Tech Support Files
Palo Alto Networks Global Customer Services Support | Resource Guide
4.7 Request RMA
To report defective hardware, select Tech Support in the
Type eld when creating a web case or when prompted by
the automated phone system. See Section 6 for more details.
4.8 Report a Beta Release Issue
Invitation-only beta releases are supported through the Beta
Forum on LIVEcommunity. The forum is the place for autho-
rized beta participants to engage in discussions, ask ques-
tions, report issues, and provide feedback about the product.
tem Engineer for information about beta programs.
4.9 Request a Feature Enhancement
To submit a feature enhancement, reach out to your local
sales team, to create a new request or add your vote to an ex-
isting one. For a new feature enhancement, it helps to have
as many details as possible to support the request:
• Use cases
• Business needs
• Comparable features
• Existing examples
A business justication will help the product teams and en-
gineers decide which features merit the most priority for the
next or subsequent releases.
4.10 Reopen a Closed Case
A closed case less than 60 days old may be reopened if the
same issue reoccurs. Search for the case in the Closed case
lter or enter the case serial number. Click the Request to
Reopen Case button and provide the reason to reopen the
case. Call Support if the issue is urgent and the case will be
routed to the next available engineer.
5. Return Materials Authorization
(RMA) Workflow
5.1 Request an RMA
To request an RMA, the defective device must be registered
in the CSP with an active support auth code, and a technical
case must be submitted.
Select Tech Support in the Type eld when creating a web
case or when prompted by the automated phone system. The
Technical Support Engineer will troubleshoot the device to
diagnose the defect.
Upon making a determination that an RMA is necessary, the
engineer will route the case to the Hardware Services team,
which will act immediately to:
• Obtain delivery address
• Verify trade compliance for international deliveries
• Submit RMA to logistics provider
• Provide delivery updates
10
5.2 RMA Delivery Times
RMAs must be delivered to a physical address (not a P.O.
box), and a recipient signature is required.
Customers with a 4-Hour Support contract will receive the
replacement within four hours of submission of the RMA to
the logistics provider by the Hardware Services team. The
replacement will be delivered by private courier, and no RMA
tracking information will be available in the RMA Tracking
section of the case. Contact your case owner for delivery up-
dates. A specic delivery time may be requested if delivery
within four hours is not convenient. Palo Alto Networks will
pay for all shipping costs associated with the advance re-
placement and defective return.
Customers with Platinum, Premium, or Premium Part-
ner Support will receive Next Business Day (NBD) delivery,
if the order is received by the logistics provider by 3 p.m. at
the depot from which it is being shipped. With the exception
of some countries where local couriers are used, tracking
information (generally from FedEx or DHL) will appear in
the RMA Tracking section of the case. If there is no tracking
information in your case, the case owner should be able to
obtain an update for you. Palo Alto Networks will pay for all
shipping costs associated with the advance replacement and
defective return.
Customers with Standard Support must return the defective
unit at their own expense to the address provided in the case
by the Hardware Services team. A replacement unit will be
shipped upon receipt. Replacement shipping costs will be
paid by Palo Alto Networks. (Note: LAB and NFR units have
Standard Support; however, RMAs will be processed with all
NBD shipping rules.)
An Importer of Record (IOR) must be identied if shipping to
a country that does not have a local depot. The IOR will facil-
itate customs clearance of the device. The device will remain
in customs and eventually be returned to Palo Alto Networks
or destroyed if no IOR is provided. Palo Alto Networks will
reimburse any shipping and duty costs incurred if the device
is under Platinum, Premium, or Premium Partner Support.
Your Sales team will be able to provide information about
depot locations. Shipping times will vary depending on the
trade rules in these countries.
The RMA Process and Policy document provides additional
detailed RMA information.
5.3 RMA License Transfers
The replacement device will be SKU’d as a “Spare” to permit
the license transfer from defective to replacement.
Customers with an On-Site Spare (OSS) device will be able to
transfer licenses from the defective device to the OSS using
the steps in the above link. There are two replacement op-
tions with an OSS:
• Leave the OSS in the production network and use the RMA
replacement as the new spare.
• Transfer the licenses from the OSS to the replacement
spare and open an Admin Case to have the OSS returned to
spares inventory.
Palo Alto Networks Global Customer Services Support | Resource Guide
Once the license transfer is complete, the spare device will have
all of the attributes of the defective unit. The defective device
will have valid licensing for 30 days from the date of the transfer
to allow time to remove the unit from a production network.
Be sure to transfer licenses prior to returning the defective
device. If the defective serial number is no longer visible in
the CSP account, license recovery may still be possible using
the Can’t Find Defective Serial Number option. If still un-
able to nd the serial number, create an Admin web case and
Customer Service will assist.
5.4 Returning the Defective Platform/Part
A defective platform should be returned to Palo Alto Networks
within 10 days of receipt of the replacement unit. Return in-
structions and a prepaid return airway bill will be provided with
the replacement unit. Customers are asked to provide informa-
tion for the Asset Recovery Contact in the RMA form. This is the
person the Asset Recovery team will communicate with should
the unit not be returned within 10 days.
Here are some additional RMA instructions and details:
• Click the Missing Return Instructions button in your RMA
case if unable to locate your return instructions. The Asset
Recovery Contact should receive new instructions within
one business day.
• If the device will not be returned within 10 days, request an
extension via case comments and provide an estimated re-
turn date. The Hardware Services team will notify Logistics.
• If returning the replacement or realize that the serial
number reported defective is incorrect, update the Case
Comments with the serial number being returned. The
Hardware Services team will notify Logistics.
• Failure to return a defective device will result in the decom-
missioning of that serial number. Failure to notify Palo Alto
Networks of a change to the returned serial number may
also result in the decommissioning of the original serial
number reported.
• Many defective parts do not need to be returned. The Hard-
ware Service team will advise via Case Comments if the de-
fective part can be recycled. No prepaid airway bill will be
provided with the replacement for parts that do not need to
be returned.
5.5 Failure Analysis Reports
A detailed failure analysis report may only be requested for
devices entitled with Platinum Support. When submitting the
case for such serial numbers, indicate in the Case Comments
that a failure analysis report is needed. The Hardware Services
team will include the request when submitting the RMA to
Logistics. Failure analysis may be requested after the RMA has
been submitted up until the returned unit has been scrubbed
of all customer data. The Hardware Services team will be able
to advise the status of the defective serial number.
Failure Analysis for devices with Premium Support will be
provided on an exception basis only with a Technical Support
Manager’s approval. Failure Analysis is not available for de-
vices with Standard Support.
11Palo Alto Networks Global Customer Services Support | Resource Guide
6. Security Vulnerability Workflow
6.1 Definition of a Security Vulnerability
Palo Alto Networks denes a Security Vulnerability as
a weakness or aw in a product or service that could al-
low an attacker to compromise the integrity, availability, or
condentiality of the product or service.
NOTE: This specically excludes network security-related
functionality of the product or service (e.g., intrusion pre-
vention, application or le identication, antivirus, mal-
ware analysis) which pertain to the function and ecacy of
the product or service. Issues pertaining to security- related
functionality of a product or service will be handled via
Palo Alto Networks Customer Support.
6.2 How to Report a Security Vulnerability
Contact the Palo Alto Networks Product Security Incident
Response Team (PSIRT) by completing the Palo Alto Networks
Product Vulnerability – Report a Security Vulnerability form
or submitting an email to [email protected]. We
encourage the submission of vulnerabilities via encrypted
email. Our PGP public key is available here.
Please include details on the software and hardware con-
guration, reproduction steps, potential impact, and a
proof of concept (if possible). This will enable us to dupli-
cate the issue and respond to your report more quickly. In
order to avoid reporting a known issue that has already
been resolved, we recommend all testing be performed on
the most recent software version available from https://
support.paloaltonetworks.com.
6.3 Acknowledgement and Analysis of a
Vulnerability Report
PSIRT will acknowledge the receipt of the report within two
(2) business days. A tracking number will be provided in the
acknowledgment email. Please include this tracking number
in the subject of all further email communications relating to
the submission. Upon receiving all relevant information, we
will endeavor to provide a response with our analysis within
ve (5) business days. Some issues may be more complex and
require more time to investigate.
6.4 Fix or Corrective Action
Palo Alto Networks will provide a x for a security vulnerability
that aects our products or services that are not end of life. Our
end-of-life policy can be viewed at End-of-Life Summary.
The x may take one or more of the following forms:
• For customer-delivered software (such as PAN-OS and
Panorama), a software x included in a subsequent major
or minor release of the aected product
• For cloud-based services (such as Aperture and AutoFocus),
a software x applied to the cloud-delivered service
• A corrective procedure or workaround to mitigate the im-
pact of the vulnerability
6.5 Notification of Product Security Information
and Software Updates
Information relating to addressed vulnerabilities are pub-
lished in Security Advisories on our website at Palo Alto
Networks Product Vulnerability – Security Advisories.
6.6 Publication of Security Advisories
Security Advisories are published under the following sit-
uations:
• A security issue that is specic to our software or that aects
open source software which can reasonably be assumed to af-
fect our software is publicly reported and widely available, AND
a x is available in one or more supported software versions.
• A security issue that aects our software is privately reported
to Palo Alto Networks, AND a x is available in all currently
supported software versions.
Security Advisories will contain a Description, Common
Vulnerability Enumerator (CVE), Impact, Severity, Aected
Products, Available Updates, and Acknowledgement of the
reporter (if applicable).
We may publish follow-up blog posts or Knowledge Base ar-
ticles for issues that drive high volumes of support requests or
generate media attention, or in cases where additional infor-
mation is useful to support our customers after the release of a
Security Advisory.
Customers can sign up for email notication of new or updated
Security Advisories on our support website at https://support.
paloaltonetworks.com.
6.7 Security Assurance
If you detect suspicious activity in your network, Security As-
surance provides extra help from Palo Alto Networks when you
need it the most. Security Assurance provides:
• Access to Palo Alto Networks security experts and their spe-
cialized threat intelligence tools and threat hunting practices.
• Advanced log and indicators of compromise (IOC) analysis.
• Conguration assessment that includes customized prod-
uct security recommendations.
• Next step recommendations to expedite the transition to
your incident response (IR) vendor to help manage and re-
solve the incident.
To take advantage of Security Assurance, you must subscribe to
the Premium Support Contract (on or after November 1, 2019)
or to the Platinum Support Contract. The rst step toward Se-
curity Assurance is to run the Best Practice Assessment (BPA) to
measure your adoption of seven key security capabilities.
If you experience suspicious activity, when you engage Securi-
ty Assurance, you must provide a specic set of data about the
suspected incident so Palo Alto Networks’ experts can investi-
gate the activity. After you collect data about the suspicious ac-
tivity to ensure the timely analysis of the relevant information,
you’re ready to engage Security Assistance. You can engage Se-
curity Assistance in two ways:
3000 Tannery Way
Santa Clara, CA 95054
Main: +1.408.753.4000
Sales: +1.866.320.4788
Support: +1.866.898.9087
www.paloaltonetworks.com
© 2020 Palo Alto Networks, Inc. Palo Alto Networks is a registered trademark
of Palo Alto Networks. A list of our trademarks can be found at https://www.
paloaltonetworks.com/company/trademarks.html. All other marks mentioned
herein may be trademarks of their respective companies. palo-alto- networks-
global-customer-services-support-resource-guide-060820
• Beacon—a one-stop education portal that gathers all Palo
Alto Networks resources in one location.
• Applipedia—application database used along with App-ID
to identify applications traveling through your Palo Alto
Networks Next-Generation Firewall.
• Security Advisories—listing of all security vulnerabili-
ties identied in currently supported Palo Alto Networks
products.
• Threat Vault—enables authorized users to research the latest
threats (e.g., vulnerabilities/exploits, viruses, spyware) that
Palo Alto Networks Next-Generation Firewalls can detect and
prevent.
• URL Filtering Categorization—test URL ltering categories.
• Updates—software and dynamic (content) updates are
available to authorized users in the Updates section of the
Customer Support Portal (CSP).
8.3 How to Open a Case
Web cases may be created by authorized users from the
Customer Support Portal (CSP) or through LIVEcommunity
for technical (Tech Support) and non-technical (Admin) is-
sues. These options are available to customers with Platinum,
Premium, or Standard Support. Customers with Premium
Partner Support will contact their Authorized Support Center.
CSP: https://support.paloaltonetworks.com > Support Cases
LIVEcommunity: https://live.paloaltonetworks.com >
Create a Support Case Now
Knowledge Base articles will be suggested throughout the case
creation process based on subject and description.
Recommended for critical cases: Create a web case through the
CSP. Set the severity as critical. If you like to speak with the case
owner, call Support and enter the case number in the automated
system.
If unable to create a login or access the Support Cases section of
the CSP, request Login Assistance. If unable to locate the prod-
uct serial number, select the option to have Customer Service
submit the technical case. Customer Service will then investi-
gate and resolve the issue with the serial number.
New cases are not accepted via email, but once a case is created,
email may be used to view and reply to case updates.
Log in to the Customer Support Portal. Click Create a Case to
open a support case. When you ll out the form, select Threat.
Your sales engineer (SE) can open a support case on your behalf.
For further information on Security Assurance, please visit this
best practices document.
7. End of Life Announcements
Products eventually reach their natural end of life for various
reasons, including new and better technologies becoming avail-
able, marketplace changes, or source parts and technologies are
unavailable. This is part of any technology product’s lifecycle. It
is a goal of Palo Alto Networks to make this process as seamless
as possible for you and our partners as well as to provide as much
visibility into what you can expect during the process.
• End-of-Life (EOL) Policy
• End-of-Sale Announcement
• Software End-of-Life Dates
• Hardware End-of-Life Dates
8. Appendix A: Quick Reference
to Support Resources
8.1 Overview
Palo Alto Networks oers a variety of online resources to an-
swer product questions, resolve issues and provide congura-
tion help.
Support is available for product issues 24/7, year-round with cur-
rent Platinum or Premium entitlements. Premium Partner Support
will be provided by the contracted Authorized Service Center.
8.2 Online Self-Help
• Day 1 Conguration—templates to build a baseline congu-
ration based on best practices.
• Knowledge Base—knowledge-centered support to answer
questions and resolve issues.
• LIVEcommunity—where authorized users can connect,
share and learn with other cybersecurity professionals,
through posts, blogs, and discussions.
• TechDocs—technical guides to all products, Best Practices and
resources such as Release Notes, and Compatibility Matrix.
