08-06-2019 11:47 AM
Hello,
We have URL filtering with the PAN-DB license. If a URL is determined to be malicious, (from other URL checking websites, but not from Palo Aloto's yet, since they only categorized it as high risk and unknown at the moment). What is the best way to make sure users will be blocked from it? We are blocking the categories of hacking, malware, phishing and C&C.
Do I add it to my URL filtering block list on the Palo Alto firewall?
I submitted the URL to the Palo Alto website to test it and I requested a change for it to be categorized as phishing, but I received an email back that I would be notified in 24 hrs.
What is the best way to make sure users will not reach a site that is malicious but PA Networks hasnt classified it as that yet?
Thanks,
08-06-2019 02:19 PM
Hello,
I've had it done in less than an hour a few times and sometimes days. It depends on how busy they are on the backend. Humans review the submissions, if I remember correctly.
Regards,
08-06-2019 02:10 PM
Hello,
There are several options including but not limited to:
Block High Risk and Unknown categories (this is best practice)
Block the specific URL
Regards,
08-06-2019 02:17 PM
Thank you, when a URL is submitted to Palo Alto for reclassification - how long does it usually take for them to take action on that?
08-06-2019 02:19 PM
Hello,
I've had it done in less than an hour a few times and sometimes days. It depends on how busy they are on the backend. Humans review the submissions, if I remember correctly.
Regards,
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
