Advanced URL Filtering Security Subscription

The advanced URL filtering subscription is a real-time cloud-based web security engine that protects against advanced web-based attacks.
Palo Alto Networks now offers a new subscription service that works in conjunction with your existing PAN-DB URL filtering solution to provide real time URL analysis and malware prevention to generate a more accurate analysis of URLs than possible with traditional web database filtering techniques alone. This subscription service is available on firewalls operating PAN-OS 9.0 and later, with the installation of content release 8390-6607 and later.
Malicious URLs can be updated or introduced before URL filtering databases have an opportunity to analyze the content; this lag time gives attackers an open period from which they can launch precision attack campaigns. Advanced URL filtering compensates for the coverage gaps inherent in database solutions by providing real time URL analysis on a per request basis. When a user visits a URL designated as risky, the firewall submits the URL to the advanced URL filtering service for analysis using machine learning and queries PAN-DB for the site’s category (information for recently visited websites are cached for fast retrieval). The analysis data is used to generate a verdict that the firewall retrieves to enforce the web-access rules based on your policy configuration. If there is a verdict mismatch while the data is being analyzed in the cloud, the more severe categorization takes precedence.
Advanced URL filtering is enabled through the URL filtering profile and uses the same configuration settings. If you already have an operational URL filtering deployment, no additional configuration is necessary to take advantage of advanced URL filtering—all web requests designated as risky are automatically forwarded for analysis. URLs analyzed using advanced URL filtering are displayed in the logs using the category real-time-detection, in addition to the threat type.
The advanced URL filtering subscription is an optional service that is used in conjunction with PAN-DB. Please contact your Palo Alto Networks sales representative for more information.
The Advanced URL Filtering security subscription is not available on CN-Series firewalls.

Recommended For You