Regional Service Domains

Table of Contents

Configure DNS Security Subscription Services

Where Can I Use This?	What Do I Need?
Prisma Access (Managed by Strata Cloud Manager) Prisma Access (Managed by Panorama) NGFW (Managed by Strata Cloud Manager) NGFW (Managed by PAN-OS or Panorama) VM-Series CN-Series	Advanced DNS Security License (for enhanced feature support) or DNS Security License Advanced Threat Prevention or Threat Prevention License

Palo Alto Networks maintains a network of global and regional domains that provide service for DNS Security and Advanced DNS Security operations. These service domains operate real-time DNS request analyzers, access to the DNS signature database and provide advanced cloud-dependent functionality. By default, DNS Security and Advanced DNS Security connects to the global service domains (dns.service.paloaltonetworks.com and adv-dns.service.paloaltonetworks.com,respectively), which then automatically redirect to the regional domain that is closest to the network security platform location.

Advanced DNS Security Regional Service Domains

You can manually specify the server used to facilitate Advanced DNS Security queries. While Palo Alto Networks recommends using the default global service domain, you can override the selected server if you encounter higher than expected latency or other service-related issues.

You can specify the Advanced DNS Security service domain in PAN-OS from DeviceSetupManagementAdvanced DNS SecurityDNS Security Server.

This setting does not impact how standard DNS Security queries are handled.

The following table lists the Advanced DNS Security service domains:

Location	URL
Cape Town, South Africa	za.adv-dns.service.paloaltonetworks.com
Bahrain	bh.adv-dns.service.paloaltonetworks.com
Hong Kong	hk.adv-dns.service.paloaltonetworks.com
Tokyo, Japan	jp.adv-dns.service.paloaltonetworks.com
Singapore	sg.adv-dns.service.paloaltonetworks.com
Mumbai, India	in.adv.dns.service.paloaltonetworks.com
Sydney, Australia	au.adv-dns.service.paloaltonetworks.com
London, England	uk.adv-dns.service.paloaltonetworks.com
Frankfurt, Germany	de.adv.dns.service.paloaltonetworks.com
Eemshaven, Netherlands	nl.adv.dns.service.paloaltonetworks.com
Paris, France	fr.adv-dns.service.paloaltonetworks.com
Bahrain	bh.adv-dns.service.paloaltonetworks.com
Montreal, Quebec, Canada	ca.adv.dns.service.paloaltonetworks.com
Osasco, São Paulo, Brazil	br.adv.dns.service.paloaltonetworks.com
Council Bluffs, Iowa, USA	us-ia.adv.dns.service.paloaltonetworks.com
Ashburn, Northern Virginia, USA	us-va.adv.dns.service.paloaltonetworks.com
The Dalles, Oregon, USA	us-or.adv.dns.service.paloaltonetworks.com
Los Angeles, California, USA	us-ca.adv.dns.service.paloaltonetworks.com

Data Collection and Logging

Configure DNS Security Subscription Services

Advanced DNS Security

Regional Service Domains

Advanced DNS Security

Regional Service Domains

Advanced DNS Security Regional Service Domains

Activation & Onboarding

Next-Generation Firewalls

SASE

Cloud-Delivered Security Services

Network Security

Endpoints

Visibility & Monitoring

Best Practices

Technical Documentation

Company

Legal Notices