URL filtering

cancel
Showing results for 
Search instead for 
Did you mean: 

URL filtering

L4 Transporter

Is there anyway to add a URL filtering for an individual  address?

14 REPLIES 14

Cyber Elite
Cyber Elite

@jdprovine,

You could always create a custom security policy for that address and assign the URL Filtering profile directly to that one profile. Would that work for what you are trying to do? 

 

L6 Presenter

Agree, URL filtering profiles per policy basis not per ip. One profile (or group) per policy. Get a separate policy as @BPry has already mentioned

okay so I make a url filtering profile for one single web address that we want to block and then create a security policy with that profile in it.  

So if I can do this what does the url filtering subscription get you, we currently do no have it

@BPry - forgot to tag you

 

okay so I make a url filtering profile for one single web address that we want to block and then create a security policy with that profile in it.  

So if I can do this what does the url filtering subscription get you, we currently do no have it

If you only want to log the accessed url's, allow only specific url's for example to a dmz server or as in your case you only need to block one (ore more) specific address(es) --> ther is no need for the url subscription

 

With the url subscription you can apply actions based on url categories. Here a few examples:

  • Block malware, phishing, peer2peer, dyn-dns, unknown
  • If your company policy does not allow social media
  • Allow downloads on all websites exept risky categories
  • With PAN-OS 8: allow your users to enter credentials on benign websites but not on unknown
  • ...

The list with possibilities is nearly endless 😉

But the main point is, that the subscription is for these categories and this is a point which you definately cannot do by yourself. 

 

(Of course there are also other possibilities for "url filtering" for example DNS based, but this never gives you the control as you have it with actual http based url filtering)

@vsys_remo

 

But you know it might get very burdomson to manage if I start trying manually add url's, people may request them to be blocked frequently

With EDLs this task is pretty easy to manage.

 

And for websites in the wrong category our users simply have to wait until PaloAlto moves them to the right category (this process is at least much faster than with brightcloud) ... there still will be urgent requests but we did not have much of them in the past

@vsys_remo

when you are talking about EDL - External dynamic lists correct you mean ,list like MISP, emerging threat etc

Exactly I meant external dynamic lists ... such a list you can also use for the allow/block request from your users. Simply place it on an internal webserver where you can edit the file easily (with ftps, scp, smb) and a few minutes later (depending on how often you configure the sync) the website is allowed/blocked ondm your or (this is an even greater advantage) on all the firewalls you manage

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!