1. Home
    2. DNS Security
    3. DNS Security Administration
    4. PAN-OS 10.0 and later

    PAN-OS 10.0 and later

    • Add domain signature exceptions in cases where false-positives occur.
      1. Select
        Objects
        Security Profiles
        Anti-Spyware
        .
      2. Select a profile to modify.
      3. Add
         or modify the Anti-Spyware profile from which you want to exclude the threat signature, and select
        DNS Exceptions
        .
      4. Search for a DNS signature to exclude by entering the name or FQDN.
      5. Select the checkbox for each
        Threat ID
         of the DNS signature that you want to exclude from enforcement.
      6. Click
        OK
         to save your new or modified Anti-Spyware profile.
    • Add an allow list to specify a list of DNS domains / FQDNs to be explicitly allowed.
      1. Select
        Objects
        Security Profiles
        Anti-Spyware
        .
      2. Select a profile to modify.
      3. Add
         or modify the Anti-Spyware profile from which you want to exclude the threat signature, and select
        DNS Exceptions
        .
      4. To
        Add
         a new FQDN allow list entry, provide the DNS domain or FQDN location and a description.
      5. Click
        OK
         to save your new or modified Anti-Spyware profile.

    Recommended For You

    Recommended Videos

    Recommended videos not found.

    © 2023 Palo Alto Networks, Inc. All rights reserved.

    Techdocs Logo