Strata Copilot
    PAN-OS ® New Features Guide
    : Inline Deep Learning Analysis for Advanced URL Filtering
    Focus
    Download PDF
    Focus
    1. Home
    2. PAN-OS
    3. PAN-OS ® New Features Guide
    4. URL Filtering Features
    5. Inline Deep Learning Analysis for Advanced URL Filtering
    Download PDF

    PAN-OS ® New Features Guide

    Inline Deep Learning Analysis for Advanced URL Filtering

    Table of Contents

    Inline Deep Learning Analysis for Advanced URL Filtering

    Palo Alto Networks Advanced URL Filtering now operates a series of inline cloud-based deep learning detectors that evaluate suspicious webpage contents in real-time to protect users against zero-day threats. This includes cloaked websites, multi-step attacks, CAPTCHA challenges, and previously unseen one-time-use URLs. When the firewall processes a URL request containing suspicious webpage contents, it forwards the HTTP response data to the cloud and analyzes the contents of the webpage that are deemed suspicious and is categorized accordingly. The deep learning detectors and analyzers used to categorize websites are updated and deployed automatically as Palo Alto Networks threat researchers improve the detection logic, and does not require the administrator to download and deploy update packages. Cloud inline categorization is enabled and configured through the URL Filtering profile and requires an active Advanced URL Filtering license.
    1. Log in to the PAN-OS web interface.
    2. To take advantage of inline categorization, you must have an active Advanced URL Filtering.
      Verify that you have an Advanced URL Filtering subscription. To verify subscriptions for which you have currently active licenses, select DeviceLicenses and verify that the appropriate licenses are available and have not expired.
    3. Update or create a new URL Filtering Security profile to enable cloud inline categorization.
      The policy action used by local and cloud inline categorization is dependent on the configured settings under the Categories tab.
      1. Select an existing URL Filtering Profile or Add a new one (ObjectsSecurity ProfilesURL Filtering).
      2. Select your URL Filtering profile and then go to Inline Categorization and enable the cloud inline categorization.
      3. Click OK to exit the URL Filtering profile configuration dialog and Commit your changes.
    4. Install an updated firewall device certificate used to authenticate to the Advanced URL Filtering cloud service. Repeat for all firewalls enabled for inline cloud categorization.
    For additional information about configuring cloud inline categorization, including adding exceptions, verifying connectivity to the required servers, validation processes, and monitoring details, refer to Configure Inline Categorization.

    © 2026 Palo Alto Networks, Inc. All rights reserved.