URL Filtering Implementation Best Practice

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

URL Filtering Implementation Best Practice

L0 Member

Hell everyone,

 

 I have a vendor that is going to work on deploying the URL Filtering service in our Pan3020 but I wanted to undersandt/learn what the best approach is in order for to come up with an outcome that is manageable once they leave us. As of today, our security profiles such as Wildfire, Antivirus, etc. are applied to each rule. This deployment took a long time due to the amount of rules oure firewall has so the vendor has proposed to create just certain security policy rules for filtering instead of deploying the profile to each single rule.

 

 I am sure that this could probably be done using the CLI and some sort of scrip but again, I would like to hear other's recommendations regarding this matter. In the future, I am positive that we are going to need to make changes so doing the right thing now will help us. 

 

Thank you in advanced.

4 REPLIES 4

L5 Sessionator

I would start by reviewing this video and article that Joe put together.  It is still relevant today.

 

https://live.paloaltonetworks.com/t5/Tutorials/How-to-Configure-URL-Filtering-Video/ta-p/59300

 

P.S. There are other articles including one covering advanced URL Filtering at the bottom of the above page.

Cyber Elite
Cyber Elite

Hello,

Since URL filtering is heavily politically charged, what I usually do is give the exec board a list of all the categories and have them tell me what to block.

https://live.paloaltonetworks.com/t5/Management-Articles/Complete-List-of-PAN-DB-URL-Filtering-Categ...

 

This keeps me out from the abuse the users tend to throw around.

 

Another thing you can do it enable it and allow all categories, then run reports to see what the users are doing and present that to the board.

 

Hope that helps.

L0 Member

Thank you to all for your answers. I agree that URL filtering is a very political topic; however, I was hoping for right/wrong suggestions regarding the implementation such as, keep in mind this or this will happen, etc. For now, those videos and the URL description document are both very informative.

Hello,

You may come across a few sites that are miscategorized, but you can submit them to be changed. Once thing you can try is to put in a policy that allows all categories (ugly I know) and then run reports on ones that are hit the most.

 

I would highly suggest you block the following at a minimum:

 

command-and-control

copyright-infringement

dynamic-dns

extermism

malware

phishing

proxy-avoidance-and-anonymizers

questionable

unknown

 

Start blocking these and go from there. One thing somone else posted a while back was to run a report on the executives browsing history and present that to the board :).

 

Good luck.

 

  • 11859 Views
  • 4 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!