Advanced DNS Security License (for enhanced feature support)
or DNS Security License
Advanced Threat Prevention or Threat Prevention License
The DNS Security dashboard shows the statistics data generated by the Advanced DNS Security and
DNS Security subscription services in a fast, visual assessment report of your
organization’s DNS usage. View and drill down into various DNS trends discovered in your
network. Each dashboard card provides a unique view into how DNS requests are processed
and categorized. Select dashboard cards to change the context of the dashboard or view
more information about a specific trend, domain, or statistic.
The DNS Security dashboard is available on Prisma Access and AIOps for NGFW. You can interact with the DNS Security Dashboard Cards to alter the context of the dashboard
or view more information about a specific trend, domain, or statistic. You can also
customize the formatting to display current trends or historical data, across relevant
data points.
View DNS Security Dashboard (Strata Cloud Manager)
Use the credentials associated with your Palo Alto Networks support account and
log in to Strata Cloud Manager on the hub.
Select DashboardsMore DashboardsDNS Security to open the DNS Security dashboard.
From the dashboard, configure your filter options using
the available drop downs.
Filter by time range—Select from Last
hour, Last 24 hours, Last
7 days, or Last 30 days to display
data for a specific time-frame.
Filter by DNS category—Select from Select All,
MalwareCommand and
Control, Phishing,
Grayware, Exceptions
List, Newly Registered,
Dynamic DNS, Proxy,
Parked, Benign,
Ad Track to filter the data set based on a
DNS type.
The Exceptions List category is a list maintained by Palo Alto
Networks of explicitly allowable domains based on metrics from
PAN-DB and Alexa. These allow list domains are frequently
accessed and known to be free from malicious content.
Filter by DNS action—Select from Allow,
Block, and Sinkhole to
filter based on the action taken on a DNS query based on your DNS
Security profile action settings.
You can re-contextualize, interact, and pivot from the
data provided by the dashboard cards. For an overview of each of
the DNS Security dashboard cards, see DNS Security Dashboard cards.
View DNS Security Dashboard (AIOps for NGFW Free)
Use the credentials associated with your Palo Alto Networks support account and
log in to the AIOps for NGFW Free application on the hub.
Select DashboardsMore DashboardsDNS Security to open the DNS Security dashboard.
From the dashboard, configure your filter options using
the available drop downs.
Filter by time range—Select from Last
hour, Last 24 hours, Last
7 days, or Last 30 days to display
data for a specific time-frame.
Filter by DNS category—Select from C2 (DGA,
Tunneling, other C2), Malware, Newly
Registered Domain, Phishing, Dynamic
DNS, Allow List, Benign, Grayware, Parked, Proxy,
and Any Category, to filter the data set
based on a DNS type.
The Allow List category is a list maintained by Palo
Alto Networks of explicitly allowable domains based on metrics from
PAN-DB and Alexa. These allow list domains are frequently accessed
and known to be free from malicious content.
Filter by DNS action—Select from Allow,
Block, and Sinkhole to
filter based on the action taken on a DNS query based on your DNS
Security profile action settings.
You can re-contextualize, interact, and pivot from the
data provided by the dashboard cards. For an overview of each of
the DNS Security dashboard cards, see DNS Security Dashboard cards.