The advanced URL filtering subscription is a real-time
cloud-based web security engine that protects against advanced web-based attacks.
Palo Alto Networks Advanced URL filtering
subscription provides real time URL analysis and malware prevention
to generate a more accurate analysis of URLs than possible with
traditional web database filtering techniques alone. This subscription
service is available on firewalls operating PAN-OS 9.0 and later,
with the installation of content release 8390-6607 and later.
URLs can be updated or introduced before URL filtering databases
have an opportunity to analyze the content; this lag time gives attackers
an open period from which they can launch precision attack campaigns.
Advanced URL filtering compensates for the coverage gaps inherent in
database solutions by providing real time URL analysis on a per
request basis. When a user visits a URL designated as risky, the
firewall submits the URL to the advanced URL filtering service for
analysis using machine learning and queries PAN-DB for the site’s
category (information for recently visited websites are cached for
fast retrieval). The analysis data is used to generate a verdict
that the firewall retrieves to enforce the web-access rules based on
your policy configuration. If there is a verdict mismatch while
the data is being analyzed in the cloud, the more severe categorization
Advanced URL filtering is enabled through
the URL filtering profile and uses the same configuration settings.
If you already have an operational URL filtering deployment, no
additional configuration is necessary to take advantage of advanced
URL filtering—all web requests designated as risky are automatically
forwarded for analysis. URLs analyzed using advanced URL filtering
are displayed in the logs using the category real-time-detection, in
addition to the threat type.
The Advanced URL Filtering
security subscription is not available on CN-Series firewalls.