PAN-DB private cloud enables URL filtering lookups over a private network.
Where can I use
What do I need?
Advanced URL Filtering license (or a legacy URL filtering
Legacy URL filtering licenses are discontinued,
but active legacy licenses are still supported.
When you set up PAN-DB private
cloud, you can either configure the M-600 appliance(s) to
have direct internet access or keep it completely offline. The M-600
appliance requires database and content updates to perform URL lookups.
If the appliance does not have an active internet connection, you
must manually download the updates to a server on your network and
then, import the updates using SCP into each M-600 appliance in
the PAN-DB private cloud. In addition, the appliances must be able
to obtain the seed database and any other regular or critical content
updates for the firewalls that it services.
The process for performing URL lookups, in both the private and
the public cloud is the same for the firewalls on the network. By
default, the firewall is configured to access the public PAN-DB
cloud. If you deploy a PAN-DB private cloud, you must configure
the firewalls with a list of IP addresses or FQDNs to access the server(s)
in the private cloud.
To authenticate the firewalls that connect to the PAN-DB private
cloud, a set of default server certificates are packaged with the
appliance; you cannot import or use another server certificate for
authenticating the firewalls. If you change the hostname on the
M-600 appliance, the appliance automatically generates a new set
of certificates to authenticate the firewalls.