Create Domain Exceptions and Allow | Block Lists (

Strata Cloud Manager

)

Use the credentials associated with your Palo Alto Networks support account and log in to the
Strata Cloud Manager
on the hub.
Add domain overrides in cases where false-positives occur.
Select
Manage
Configuration
NGFW and
Prisma Access
Security Services
DNS Security
and select a DNS Security profile to modify.
Add Override
or
Delete
to modify the domain list entries as necessary. Each additional entry requires the domain and a description.

Click
OK
to save your modified DNS Security profile.
Reference an external dynamic list (EDL) as part of your DNS Security profile to import third party threat feeds.
Create an domain-based external dynamic list (
Manage
Configuration
NGFW and
Prisma Access
Objects
External Dynamic Lists
). For more information about EDLs, see External Dynamic List.
Select
Manage
Configuration
NGFW and
Prisma Access
Security Services
DNS Security
.
In the
External Dynamic Lists
panel, select a domain list EDL and provide the
Policy Action
and
Packet Capture
settings. In
Apply to Profiles
, select the DNS Security profile for which you want the EDL domain list to apply to.
Save
your changes when you have finished making your updates.