Use AutoFocus Custom Feeds with the Palo Alto Networks Firewall

Download the PEM certificate from AutoFocus. This certificate will be used to create a firewall certificate profile for remote SSL server verification.

Add the PEM certificate for AutoFocus to the firewall.
On the firewall, select
Device
Certificate Management
Certificates
.
Import
the certificate to the firewall.
Give the certificate a descriptive name.
Browse
for the certificate file and attach the AutoFocus certificate that you downloaded in the previous step.
Click
OK
.

Create a certificate profile for the AutoFocus PEM certificate.
On the firewall, select
Device
Certificate Management
Certificate Profile
.
Add
a new certificate profile.
Give the certificate profile a descriptive name.
Click
Add
, select the certificate name from the PEM Certificate drop-down, and click
OK
.
Click
OK
.

Configure the firewall to access an external dynamic list based on the threat indicators from the AutoFocus custom feed.
Observe the following guidelines when configuring the firewall to access an external dynamic list:
Add the AutoFocus-generated feed link as the
Source
of the external dynamic list. To find this link in AutoFocus, edit the EDL custom feed you want to receive updates from. The feed link is located at the bottom of the page, which also includes the custom feed details and configuration.
Select the
Certificate Profile
you created for the AutoFocus PEM certificate.
Select
Client Authentication
, and enter the EDL custom feed username and password used when creating the feed.
You cannot recover a password used in a custom feed. If you do not remember the password, you must delete and then recreate a custom feed using the same settings.

Verify that the firewall can receive indicators from the AutoFocus custom feed.
On the firewall, retrieve entries for the external dynamic list you added and view the list entries.