I've had a customer inquire about downloading PAN-DB on their firewalls via the use of their Panorama, problem is I can't find any documentation that would cover this.
The use case of this would be for a deployment that is completely offline in terms of the firewalls, and they only have access to Dynamic/Software updates via the Panorama.
I'm in the process of trying to replicate this in my lab environment with some VMs, but if anyone could provide additional insight or any documentation they're aware of, then that would be greatly appreciated.
Solved! Go to Solution.
@Lauchlan I don't want to be sarcastic, but if it is completely offline, why do they need URL filtering?
PanDB is not "downloaded" and it would have been impractical to do so, because of the size and the constant change of its content.
You download a small seed database and then URLs are dynamically categorised by the firewall as required and then cached for a period of time.
The firewall will need access to internet for this to work and you can't get that from Panorama.
Thank you for your response.
Interesting I had posed the same question to my colleague working with the customer, why need URL filtering if this is an offline east-west deployment, but I've not heard back on this yet.
After a while trying to replicate this, and seeing that only the BC database can be done through Panorama via Dynamic Updates, I found the following snippet:
"The URL scheduling feature is only for the Brightcloud URL filtering solution. When using the PAN-DB URL filtering database, the scheduling is done automatically.
If you have a PAN-DB license, scheduled updates are not required as firewalls remain in-sync with the servers automatically."
Needless to say, I'm happy to say your statement is a solid answer and resolution to this query.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!
The Live Community thanks you for your participation!