Create a Custom URL Category

Create a custom URL category that functions as either a URL category exception list or a distinct category based on multiple PAN-DB categories.
Where can I use this?
What do I need?
  • Prisma Access
  • PAN-OS
  • Advanced URL Filtering license
    For Prisma Access, this is usually included with your Prisma Access license.
You can create a custom URL category to specify websites you wish to enforce independently of their PAN-DB URL categories or define a new category out of multiple PAN-DB categories.
Define exceptions to URL category enforcement
Create a custom list of URLs that you control access to in a URL Filtering profile that you apply to Security policy rules or incmatch criteria in a Security policy rule. For example, you might block the
social-networking
category but want to allow access to LinkedIn.
Define a custom URL category based on multiple PAN-DB categories
This allows you to target enforcement for websites that match two or more categories. The website or page must match all the categories defined as part of the custom category. For example, PAN-DB might classify a developer blog that your engineers use for research as
personal-sites-and-blogs
,
computer-and-internet-info
, and
high-risk
. To allow the engineers to access the blog and similar websites
and
gain visibility into these websites, you can create a custom URL category based on the three categories and set site access for the category to alert in a URL Filtering profile.
PAN-DB evaluates URLs against custom URL categories before external dynamic lists and predefined URL categories. Accordingly, the firewall enforces the Security policy rules for a URL in a custom URL list over the policy rules associated with the individual URL categories it exists in.
If multiple Security policy rules include a custom URL category, then the firewall enforces the Security policy rule with the strictest URL Filtering profile action for the matching traffic.

Recommended For You