Security Profile: URL Filtering
Focus
Focus
Network Security

Security Profile: URL Filtering

Table of Contents

Security Profile: URL Filtering

Where Can I Use This?
What Do I Need?
  • NGFW (Cloud Managed)
  • NGFW (PAN-OS & Panorama Managed)
  • Prisma Access (Cloud Managed)
  • Prisma Access (Panorama Managed)
Check for any license or role requirements for the products you're using.
URL Filtering profiles enable you to monitor and control how users access the web over HTTP and HTTPS. A default profile is configured to block websites such as known malware sites, phishing sites, and adult content sites. You can use the default profile in a security policy, clone it to be used as a starting point for new URL filtering profiles, or add a new URL profile that will have all categories set to allow for visibility into the traffic on your network. You can then customize the newly added URL profiles and add lists of specific websites that should always be blocked or allowed, which provides more granular control over URL categories.

Configure URL Filtering

After you plan your URL filtering deployment, you should have a basic understanding of the types of websites your users are accessing. Use this information to create a URL Filtering profile that defines how the firewall handles traffic to specific URL categories. You can also restrict the sites to which users can submit corporate credentials or enforce strict safe search. To activate these settings, apply the URL Filtering profile to Security policy rules that allow web access.

Cloud Managed

Follow these steps to configure URL Filtering profiles and settings that meet your organization’s business and security needs.
Follow these steps to configure URL Filtering profiles and settings that meet your organization’s business and security needs. See Advanced URL Filtering: Configure URL Filtering for detailed steps.
  1. Go to
    Manage
    Configuration
    NGFW and
    Prisma Access
    Security Services
    URL Access Management
  2. Review and customize General URL Filtering Settings.
  3. Create a URL Access Management profile.
  4. Apply the URL Access Management profile to a Security policy rule.
  5. Click
    Save
    .

PAN-OS & Panorama

Follow these steps to configure URL Filtering profiles and settings that meet your organization’s business and security needs.
Follow these steps to configure URL Filtering profiles and settings that meet your organization’s business and security needs. See Advanced URL Filtering: Configure URL Filtering for detailed steps.
  1. Create a URL Filtering profile.
    Select
    Objects
    Security Profiles
    URL Filtering
    and
    Add
    or modify a URL Filtering profile.
  2. Define site access for each URL category.
  3. Configure the URL Filtering profile to detect corporate credential submissions to websites that are in allowed URL categories.
  4. Configure the URL Filtering profile to detect phishing and malicious JavaScript in real-time using local inline categorization.
  5. Allow or block users from submitting corporate credentials to sites based on URL category to prevent credential phishing.
  6. Define URL category exceptions to specify websites that should always be blocked or allowed, regardless of URL category.
  7. Enable Safe Search Enforcement.
  8. Log only the page a user visits for URL filtering events.
  9. Enable HTTP Header Logging for one or more of the supported HTTP header fields.
  10. Save the URL Filtering profile.
  11. Apply the URL Filtering profile to Security policy rules that allow traffic from clients in the trust zone to the Internet.
  12. Commit
    the configuration.
  13. Test your URL filtering configuration.
  14. (
    Best Practice
    ) Enable
    Hold client request for category lookup
    to block client requests while the firewall performs URL category lookups.
  15. Set the amount of time, in seconds, before a URL category lookup times out.

Recommended For You