Some websites block traffic from a cloud IP address range. When users who are secured by
Prisma Access
attempt to access these websites, they can be denied access. In order to
ensure that access to these websites is restored, Palo Alto Networks reviews all such
reported sites and, if an access issue is found, categorizes the site and adds an egress
policy that NATs the IP address to one that can be accessed. Palo Alto Networks
thoroughly reviews the sites to determine their reputation and only websites with a
pristine reputation are added to the egress rule, while the others are rejected, using
this process: