Sites that Palo Alto Networks has verified as belonging
to malicious URL categories do not receive a risk rating and are
blocked by default.
Palo Alto Networks verifies the URL categories
to which a requested site belongs. If PAN-DB determines that a URL
belongs to malicious URL categories,
it does not assign the site a security-focused URL category (high-risk,
medium-risk, low-risk). The firewall automatically blocks sites
in these categories because they pose an unacceptable level of risk for
most environments. Risk levels are reserved only for URLs that have not been
classified as malicious or are no longer classified as malicious
due to a lack of evidence.
The following table lists the categories that
PAN-DB considers malicious and blocks by default, with the exception
of Private IP Addresses. Private IP
addresses (and hosts) are unique to the host environment and are
invisible to PAN-DB. As a result, Palo Alto Networks does not assign
a risk rating to sites in this category.