You can specify the cloud content Fully Qualified Domain Name (FQDN) used by the NGFW to handle Advanced WildFire service requests. The default FQDN connects to hawkeye.services-edge.paloaltonetworks.com and then resolves to the closest cloud services server. You can override the automatic server selection by specifying a regional cloud content server that best meets your data residency and performance requirements. Keep in mind, the cloud content FQDN is a globally used resource and affects how other services that rely on this connection sends traffic payloads.
Depending on which services you use, the cloud content FQDN facilitates analysis service requests, including traffic payloads, which sends data to the servers in the selected region. If you specify a content cloud FQDN that is outside of your region (for example, if you are in the EU region but you specify the APAC region FQDN), you may be in violation of your organization’s privacy and legal regulations. Please refer to the specific product documentation for information about how the cloud content FQDN is used by your Palo Alto Networks products.