Home
EN
Location
Documentation Home
Palo Alto Networks
Support
Live Community
Knowledge Base
>
Clear
DNS Security Test Domains
Updated on
Dec 7, 2023
Focus
Download PDF
Updated on
Dec 7, 2023
Focus
Home
DNS Security
Configure DNS Security
DNS Security Test Domains
Download PDF
DNS Security
DNS Security Test Domains
Table of Contents
Filter
Expand All
|
Collapse All
DNS Security
Administration
Previous
Create Domain Exceptions and Allow | Block Lists
Next
Test Connectivity to the DNS Security Service
DNS Security Test Domains
Where Can I Use This?
What Do I Need?
Prisma Access (Cloud Management)
Prisma Access (Panorama Managed)
NGFW (Cloud Managed)
NGFW (PAN-OS or Panorama Managed)
VM-Series
CN-Series Firewall
DNS Security License
Advanced Threat Prevention or Threat Prevention License
Palo Alto Networks provides the following DNS Security test domains to validate your policy configuration based on the DNS category.
Access the following test domains to verify that the policy action for a given threat type is being enforced:
C2—
test-c2.testpanw.com
DNS Tunneling—
test-dnstun.testpanw.com
DGA—
test-dga.testpanw.com
Dynamic DNS*—
test-ddns.testpanw.com
Malware—
test-malware.testpanw.com
Newly Registered Domains*—
test-nrd.testpanw.com
Phishing*—
test-phishing.testpanw.com
Grayware*—
test-grayware.testpanw.com
Parked*—
test-parked.testpanw.com
Proxy Avoidance and Anonymizers*—
test-proxy.testpanw.com
Fast Flux*—
test-fastflux.testpanw.com
Malicious NRD*—
test-malicious-nrd.testpanw.com
NXNS Attack*—
test-nxns.testpanw.com
Dangling*—
test-dangling-domain.testpanw.com
DNS Rebinding*—
test-dns-rebinding.testpanw.com
DNS Infiltration*—
test-dns-infiltration.testpanw.com
Wildcard Abuse*—
test-wildcard-abuse.testpanw.com
Strategically-Aged*—
test-strategically-aged.testpanw.com
Compromised DNS*—
test-compromised-dns.testpanw.com
Ad Tracking*—
test-adtracking.testpanw.com
CNAME Cloaking*—
test-cname-cloaking.testpanw.com
Ransomware*—
test-ransomware.testpanw.com
Stockpile*—
test-stockpile-domain.testpanw.com
Cybersquatting*—
test-squatting.testpanw.com
Subdomain Reputation*—
test-subdomain-reputation.testpanw.com
The test domains marked with an * are not supported in PAN-OS 9.1.
Verify that the DNS query request has been processed by DNS Security by
monitoring the activity
.
Previous
Create Domain Exceptions and Allow | Block Lists
Next
Test Connectivity to the DNS Security Service
Recommended For You