Inline Deep Learning Analysis for Advanced URL Filtering

Palo Alto Networks Advanced URL Filtering now operates a series of inline cloud-based deep learning detectors that evaluate suspicious web page contents in real-time to protect users against zero-day threats. This includes cloaked websites, multi-step attacks, CAPTCHA challenges, and previously unseen one-time-use URLs. When the firewall processes a URL request containing suspicious web page contents, it forwards the HTTP response data to the cloud and analyzes the contents of the web page that are deemed suspicious and is categorized accordingly. The deep learning detectors and analyzers used to categorize websites are updated and deployed automatically as Palo Alto Networks threat researchers improve the detection logic, and does not require the administrator to download and deploy update packages. Cloud inline categorization is enabled and configured through the URL Filtering Profile and requires an active Advanced URL Filtering license.
  1. To take advantage of inline categorization, you must have an active Advanced URL Filtering.
    Verify that you have an Advanced URL Filtering subscription. To verify subscriptions for which you have currently-active licenses, select
    and verify that the appropriate licenses are available and have not expired.
  2. Update or create a new URL Filtering Security profile to enable cloud inline categorization.
    The policy action used by local and cloud inline categorization is dependent on the configured settings under the
    1. Select an existing
      URL Filtering Profile
      a new one (
      Security Profiles
      URL Filtering
    2. Select your URL Filtering profile and then go to
      Inline Categorization
      and enable the cloud inline categorization.
    3. Click
      to exit the URL Filtering Profile configuration dialog and
      your changes.
For additional information about configuring cloud inline categorization, including adding exceptions, verifying connectivity to the required servers, validation processes, and monitoring details, refer to Configure Inline Categorization.

Recommended For You