Focus

Advanced URL Filtering

Get Started with URL Filtering

Table of Contents

Get Started with URL Filtering

Basic setup for a URL filtering deployment that informs a more robust configuration

Where can I use this?	What do I need?
Prisma Access PAN-OS	Advanced URL Filtering license (or a legacy URL filtering license) Notes: Legacy URL filtering licenses are discontinued, but active legacy licenses are still supported. Prisma Access licenses usually include Advanced URL Filtering capabilities.

The first step to get started with URL filtering is understanding the web activity patterns of users on your network.

To safely observe these patterns, we recommend you:

Review Palo Alto Networks predefined URL categories.

Enter URLs into our Test A Site engine to see how PAN-DB categorizes them.

Create a (mostly) passive URL Filtering profile that alerts on most categories. When you select the

alert

setting for a URL category, the firewall logs traffic to that category. Then, you can see the sites your users are accessing and decide on the appropriate site access for URL categories and specific sites.

Alerting on all web activity might create a large amount of log files. As a result, you might only want to do this as part of an initial deployment. At that time, you can also reduce URL filtering logs by enabling the

Log container page only

option in the URL Filtering profile so only the main page that matches the category will be logged, not subsequent pages/categories that may be loaded within the container page.

Block URL categories that we know are bad: malware, C2, and phishing.

Prisma Access

PAN-OS

Activate Advanced URL Filtering License

Configure URL Filtering