URL Filtering - Dynamic Updates

Reply
L1 Bithead

URL Filtering - Dynamic Updates

Hello,

We have URL filtering with the PAN-DB license. If a URL is determined to be malicious, (from other URL checking websites, but not from Palo Aloto's yet, since they only categorized it as high risk and unknown at the moment). What is the best way to make sure users will be blocked from it? We are blocking the categories of hacking, malware, phishing and C&C.

Do I add it to my URL filtering block list on the Palo Alto firewall?

I submitted the URL to the Palo Alto website to test it and I requested a change for it to be categorized as phishing, but I received an email back that I would be notified in 24 hrs.

What is the best way to make sure users will not reach a site that is malicious but PA Networks hasnt classified it as that yet?

Thanks,

Tags (1)
L7 Applicator

Re: URL Filtering - Dynamic Updates

Hello,

There are several options including but not limited to:

 

Block High Risk and Unknown categories (this is best practice)

Block the specific URL

 

https://docs.paloaltonetworks.com/best-practices/9-0/internet-gateway-best-practices/best-practice-i...

 

Regards,

L1 Bithead

Re: URL Filtering - Dynamic Updates

Thank you, when a URL is submitted to Palo Alto for reclassification - how long does it usually take for them to take action on that?

L7 Applicator

Re: URL Filtering - Dynamic Updates

Hello,

I've had it done in less than an hour a few times and sometimes days. It depends on how busy they are on the backend. Humans review the submissions, if I remember correctly.

 

Regards,

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!