Create a Custom URL Category

Advanced URL Filtering

Create a Custom URL Category

Table of Contents
End-of-Life (EoL)

Create a Custom URL Category

Create a custom URL category that functions as either a URL category exception list or a distinct category based on multiple PAN-DB categories.
Where can I use this?
What do I need?
  • Prisma Access
  • PAN-OS
  • Advanced URL Filtering license (or a legacy URL filtering license)
  • Legacy URL filtering licenses are discontinued, but active legacy licenses are still supported.
  • Prisma Access licenses usually include Advanced URL Filtering capabilities.
You can create a custom URL category to define exceptions to URL category enforcement or define a new URL category from multiple categories.
Define Exceptions to URL Category Enforcement (URL List)
Specify a list of URLs (grouped under a single custom category) that you wish to enforce independently of their predefined URL categories. You can control access to this category in a URL Filtering profile that you apply to Security policy rules or use the category as match criteria in Security policy rules. For example, you can block the
category but allow access to LinkedIn.
Define a Custom URL Category Based on Multiple PAN-DB Categories (Category Match)
Create a new category to target enforcement for websites or pages that match all of the categories defined as part of the custom category. For example, PAN-DB might classify a developer blog that your engineers use for research as
, and
. To allow the engineers to access the blog and similar websites
gain visibility into these websites, you can create a custom URL category based on the three categories and set site access for the category to alert in a URL Filtering profile.
PAN-DB evaluates URLs against custom URL categories before external dynamic lists and predefined URL categories. Accordingly, the firewall enforces the Security policy rules for a URL in a custom URL list over the policy rules associated with the individual URL categories it exists in.
If multiple Security policy rules include a custom URL category, then the firewall enforces the Security policy rule with the strictest URL Filtering profile action for the matching traffic.

Recommended For You