1. Home
    2. PAN-OS
    3. PAN-OS Upgrade Guide
    4. Software and Content Updates
    5. Content Delivery Network Infrastructure

    Content Delivery Network Infrastructure

    Palo Alto Networks maintains a Content Delivery Network (CDN) infrastructure for delivering content updates to the Palo Alto Networks firewalls. The firewalls access the web resources in the CDN to perform various content and application identification functions.
    The following table lists the web resources that the firewall accesses for a feature or application:
    Resource
    URL
    Static Addresses (If a static server is required)
    Application Database
    • updates.paloaltonetworks.com (Global, excluding mainland China)
    • updates.paloaltonetworks.cn (Mainland China only)
    Add the following URLs to your firewall allow list if your firewall has limited access to the Internet:
    • downloads.paloaltonetworks.com:443
    • proditpdownloads.paloaltonetworks.com:443
    As a best practice, set the update server to updates.paloaltonetworks.com. This allows the Palo Alto Networks firewall to receive content updates from the server closest to it in the CDN infrastructure.
    If you want additional reference information or are experiencing connectivity and update download issues, please refer to: https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u0000001UtRCAU
    The Palo Alto Networks ThreatVault database includes information about vulnerabilities, exploits, viruses, and spyware threats. Firewall features, including DNS security and the Antivirus profile, use the following resource to retrieve threat ID information to create exceptions:
    • data.threatvault.paloaltonetworks.com
    us-static.updates.paloaltonetworks.com
    Add the following IPv4 or IPv6 static server address sets to your firewall allow list:
    • IPv4
      — 35.186.202.45:443 and 34.120.74.244:443
    • IPv6
      — [2600:1901:0:669::]:443 and [2600:1901:0:5162::]:443
    Both IP addresses provided for a given protocol type must be added to the allow list for proper functionality.
    Threat/Antivirus Database
    PAN-DB URL Filtering | Advanced URL Filtering
    *.urlcloud.paloaltonetworks.com
    Resolves to the primary URL s0000.urlcloud.paloaltonetworks.com and is then redirected to the regional server that is closest:
    • s0100.urlcloud.paloaltonetworks.com
    • s0200.urlcloud.paloaltonetworks.com
    • s0300.urlcloud.paloaltonetworks.com
    • s0500.urlcloud.paloaltonetworks.com
    Static IP addresses are not available. However, you can manually resolve a URL to an IP address and allow access to the regional server IP address.
    Cloud Services
    Resolves to hawkeye.services-edge.paloaltonetworks.com and is then redirected to the regional server that is closest:
    • US—
      us.hawkeye.services-edge.paloaltonetworks.com
    • EU—
      eu.hawkeye.services-edge.paloaltonetworks.com
    • UK—
      uk.hawkeye.services-edge.paloaltonetworks.com
    • APAC—
      apac.hawkeye.services-edge.paloaltonetworks.com
    Static IP addresses are not available.
    DNS Security
    • Cloud—dns.service.paloaltonetworks.com:443
    • Telemetry—io.dns.service.paloaltonetworks.com:443
    When downloading an allow list, dns.service.paloaltonetworks.com resolves to the following server:
    • static.dns.service.paloaltonetworks.com:443
    • data.threatvault.paloaltonetworks.com (used to create DNS exceptions)
    Static IP addresses are not available.
    Firewall-based inline ML:
    • URL Filtering Inline ML
    • WildFire Inline ML
    • ml.service.paloaltonetworks.com:443
    Static IP addresses are not available.
    WildFire
    • Cloud (report retrieval)—wildfire.paloaltonetworks.com:443
    WildFire cloud regions:
    • Global—wildfire.paloaltonetworks.com
    • European Union—eu.wildfire.paloaltonetworks.com
    • Japan—jp.wildfire.paloaltonetworks.com
    • Singapore—sg.wildfire.paloaltonetworks.com
    • United Kingdom—uk.wildfire.paloaltonetworks.com
    • Canada—ca.wildfire.paloaltonetworks.com
    • Australia—au.wildfire.paloaltonetworks.com
    • Germany—de.wildfire.paloaltonetworks.com
    • India—in.wildfire.paloaltonetworks.com
    Static IP addresses are not available.

    Recommended For You

    Recommended Videos

    Recommended videos not found.

    © 2023 Palo Alto Networks, Inc. All rights reserved.

    Techdocs Logo