As you view the entries of an external dynamic list, you can exclude up to 100
entries from the list. The ability to exclude entries from an external dynamic
list gives you the option to enforce policy on some (but not all) of the entries
in a list. This is helpful if you cannot edit the contents of an external
dynamic list (such as the Palo Alto Networks High-Risk IP Addresses feed)
because it comes from a third-party source.
Follow these steps to exclude entries from an external dynamic list to enforce
policy on some (but not all) of the entries in a list.