Local Inline Categorization
Focus
Focus
Advanced URL Filtering

Local Inline Categorization

Table of Contents

Local Inline Categorization

Discover how inline ML-based URL Filtering prevents web-based attacks and optimizes web security.
Where can I use this?
What do I need?
  • Prisma Access (Cloud Management)
  • Prisma Access (Panorama Managed)
  • NGFW (Cloud Managed)
  • NGFW (PAN-OS or Panorama Managed)
Note:
Prisma Access
usually include Advanced URL Filtering capabilities.
Local inline categorization (previously known as inline ML) enables the firewall dataplane to apply machine learning (ML) on webpages to alert users when phishing variants are detected while preventing malicious variants of JavaScript exploits from entering your network. Local inline categorization dynamically analyzes and detects malicious content by evaluating various webpage details using a series of ML models. Each ML model detects malicious content by evaluating file details, including decoder fields and patterns, to formulate a high probability classification and verdict, which is then used as part of your larger web security policy. URLs classified as malicious are forwarded to PAN-DB for additional analysis and validation. You can specify URL exceptions to exclude any false-positives that might be encountered. This allows you to create more granular rules for your profiles to support your specific security needs. To keep up with the latest changes in the threat landscape, inline ML models are updated regularly and added via content releases. An active Advanced URL Filtering subscription is required to configure inline categorization.
You can also enable inline ML-based protection to detect malicious Portable Executable (PE), ELF and MS Office files, and PowerShell and shell scripts in real-time as part of your Antivirus profile configuration. For more information, refer to: Advanced Wildfire Inline ML.
Local inline categorization isn't supported on the VM-50 or VM50L virtual appliance.

Recommended For You