Did you know that PAN-DB, the Palo Alto Networks URL database, can assign multiple categories to URLs that classify a website’s content, purpose, and safety. Every URL can have up to four categories, including a security-focused URL category that indicates how likely it is that the site will expose you to threats.
These security-focused URL categories enable you to implement simple security and decryption policies based on website safety, without requiring you to research and individually assess the sites that are likely to expose you to web-based threats.
These security-focused URL categories (or risk categories for short) are High-Risk, Medium-Risk, Low-Risk, and Newly-Registered Domains.
NOTE: These risk categories are always assigned at the domain-level (the risk category for an individual URL is inherited from the domain).
As an example, PAN-DB might classify a certain website as:
Here is some important information about multi-category URL filtering with some tips to get started:
The PAN-DB URL filtering license is required
You can test a URL in order to verify to which categories it belongs
URL Filtering profiles now display your Custom URL Categories, External Dynamic URL Lists, and Pre-defined CategoriesCustom, External & Predefined
You can define a custom URL category based on multiple PAN-DB URL categories.
For websites or pages that hold more than one URL category, URL filtering logs display the URL category with which the firewall-based policy enforcement (the Category). That said, when you set the same action for all categories and there is no priority among the categories, PAN-OS matches the URL to the category in alphabetical order and chooses to log the latest category. Check out the following Knowledge Base article for more details about the risk category appearing instead of valid category under URL Filtering Log.
Check out the following links for more information on Multi-Category URL filtering and some best practices to help you along the way!