A knowledge base article about The update schedules for the Palo Alto firewalls provided by the UC Berkeley IT Service Hub - Knowledge Portal

There are a number of features in our Palo Alto firewalls that must be updated periodically. These features include both security features (like vulnerabilities and virus definitions) and shared objects like malicious IP addresses. Below are the update times used in our environment:

Security Features (refer to documentation for more information about these):

Feature	Update Schedule
AntiVirus	hourly *
Applications and Threats	Every 30 minutes *
WildFire	Every minute

* For “AntiVirus” and “Application and Threats” there is an 8 hour delay in the implementation of any new signatures to allow for problems to be detected and corrected prior to deployment.

Shared Objects (see here for more information on these objects):

Shared Object	Update Schedule
ucbsec-vuln_scanners	Manual update as needed
ucbsec-URLs	Manual update as needed
UCB-networks_no_visitor	Daily at 01:00
UCB-airbears2	Daily at 01:00
UCB-calvisitor	Daily at 01:00
UCB-VPN	Manual update as needed
ucbsec-tor_exit_nodes	Hourly
threat-AID_list	Hourly
threat-malicious_IPv4	Hourly
threat-malicious_IPv6	Hourly
threat-malicious_FQDN	Hourly
threat-malicious_URLs	Hourly
Palo Alto Networks - High risk IP addresses	Hourly
Palo Alto Networks - Known malicious IP addresses	Hourly