Use an External Dynamic List in a URL Filtering Profile (Strata Cloud Manager)
If you’re using Panorama to manage Prisma Access:
Toggle over to the PAN-OS & Panorama tab and follow the guidance
there.
If you’re using Strata Cloud Manager, continue here.
Enable Prisma Access to reference an external dynamic list.
An external dynamic list allows you to define an imported list of IP
addresses, URLs, or domain names that you can use in policy rules to block
or allow traffic.
To set up an external dynamic list, go to ManageConfigurationObjectsExternal Dynamic Lists:
Ensure that the list does not include IP addresses or domain names; the
firewall skips non-URL entries.
Go toManageConfigurationSecurity ServicesURL Access Management.
Specify Site Access for the URLs in
the external dynamic list.
Exclude URLs in the external dynamic list from advanced inline
categorization.
You can also use
external dynamic lists to create custom URL categories (return to
the URL Access Management dashboard to do this).
If a URL
that is included in an external dynamic list is also included in
a custom URL category,
or block and allow list, the action specified in the custom category
takes precedence over the external dynamic list.
Test that the policy action is enforced.
View the external dynamic list entries (ManageConfigurationObjectsExternal Dynamic Lists)
and try to access a URL from the list.
Verify that the action you defined is enforced in
the browser.