Use an External Dynamic List in a URL Filtering Profile (Strata Cloud Manager)

1. Enable Prisma Access to reference an external dynamic list.

   An external dynamic list allows you to define an imported list of IP addresses, URLs, or domain names that you can use in policy rules to block or allow traffic.

   To set up an external dynamic list, go to ConfigurationNGFW and Prisma AccessObjectsExternal Dynamic Lists:

   • Ensure that the list does not include IP addresses or domain names; the firewall skips non-URL entries.
   • Use the custom URL list guidelines to verify the list’s formatting.
   • Specify the List Type as URL List.
2. Use the external dynamic list with URL Filtering.

   Go to ConfigurationNGFW and Prisma AccessSecurity ServicesURL Access Management.

   • Specify Site Access for the URLs in the external dynamic list.
   • Exclude URLs in the external dynamic list from advanced inline categorization.

   You can also use external dynamic lists to create custom URL categories (return to the URL Access Management dashboard to do this).

   If a URL that is included in an external dynamic list is also included in a custom URL category, or block and allow list, the action specified in the custom category takes precedence over the external dynamic list.
3. Test that the policy action is enforced.

   1. View the external dynamic list entries (ConfigurationNGFW and Prisma AccessObjectsExternal Dynamic Lists) and try to access a URL from the list.
   2. Verify that the action you defined is enforced in the browser.