Create a custom URL category that functions as either
a URL category exception list or a distinct category based on multiple
Where can I use
What do I need?
Advanced URL Filtering license (or a legacy URL filtering
Legacy URL filtering licenses are discontinued,
but active legacy licenses are still
Prisma Access licenses usually include Advanced
URL Filtering capabilities.
You can create a custom URL category to define
exceptions to URL category enforcement or define a new URL category from multiple
Define Exceptions to URL Category Enforcement (URL
Specify a list of URLs (grouped under a single custom category) that you
wish to enforce independently of their predefined URL categories. You can control
access to this category in a URL Filtering profile that you apply to Security policy
rules or use the category as match criteria in Security policy rules. For example,
you can block the
category but allow
access to LinkedIn.
Define a Custom URL Category Based on Multiple PAN-DB
Categories (Category Match)
Create a new category to target enforcement for
websites or pages that match all of the categories defined as part of
the custom category. For example, PAN-DB might classify a developer blog that your
engineers use for research as
. To allow the engineers to access the
blog and similar websites
gain visibility into these websites, you can
create a custom URL category based on the three categories and set site access for
the category to alert in a URL Filtering profile.
PAN-DB evaluates URLs against custom URL categories before external dynamic lists
and predefined URL categories. Accordingly, the firewall enforces the Security
policy rules for a URL in a custom URL list over the policy rules associated
with the individual URL categories it exists in.
If multiple Security policy rules include a custom URL category, then the
firewall enforces the Security policy rule with the strictest URL Filtering
profile action for the matching traffic.