Configure URL Filtering Inline ML
To enable your URL Filtering inline ML configuration, attach the URL Filtering profile configured with the inline ML settings to a security policy rule (see Set Up a Basic Security Policy).
URL Filtering inline ML is not currently supported on the VM-50 or VM50L virtual appliance.
- Create a new or update your existing URL Filtering Security profiles to use URL Filtering inline ML.
- Select an existingURL Filtering ProfileorAdda new one (.ObjectsSecurity ProfilesURL Filtering
- Block—The firewall blocks the website and the user will not be able to continue to the website. The firewall also generates a URL Filtering log entry.
- Alert—The firewall allows access to the website but also generates a URL Filtering log entry.
- Allow—The firewall allows access to the website does not generate a URL Filtering log entry.
- ClickOKto exit the URL Filtering Profile configuration dialog andCommityour changes.
- (Optional)Add URL exceptions to your URL Filtering security profile if you encounter false-positives. You can add exceptions by specifying an EDL from the URL Filtering profile or by adding a web page entry from the URL Filtering logs.
- Add an EDL URL exception list.
- SelectObjects > Security Profiles > URL Filtering.
- Select a URL Filtering profile for which you want to exclude specific URLs and then selectInline ML.
- ClickOKto save the URL Filtering profile andCommityour changes.
- Add file exceptions from URL Filtering log entries.
- Go to theDetailed Log Viewand scroll down to theDetailspane then selectCreate Exceptionlocated next to theInline ML Verdict.
- Select a custom category for the URL exception and clickOK.
- The new URL exception can be found in the list to which it was added, underObjects > Custom Objects > URL Category.
- (Optional)Verify the status of your firewall’s connectivity to the inline ML cloud service.Use the following CLI command on the firewall to view the connection status.show mlav cloud-statusFor example:show mlav cloud-status MLAV cloud Current cloud server: ml.service.paloaltonetworks.com Cloud connection: connectedIf you are unable to connect to the inline ML cloud service, verify that the following domain is not being blocked: ml.service.paloaltonetworks.com.
To view information about web pages that have been processed using URL Filtering inline ML, Filter the logs (
Monitor > Logs > URL Filtering) based on
Inline ML Verdict. Web pages that have been determined to contain threats are categorized with verdicts of either
Recommended For You
Recommended videos not found.