Obtain and install a PAN-DB URL filtering license
and confirm that it is installed.
If the license expires, PAN-DB URL Filtering continues
to work based on the URL category information that exists in the
dataplane and management plane caches. However, URL cloud lookups
and other cloud‑based updates will not function until you install
a valid license.
and, in the License
Management section, select the license installation method:
Retrieve license keys from license server
Activate feature using authorization code
Manually upload license key
After installing the license, confirm that the PAN-DB
URL Filtering section,
displays a valid date.
Download the initial seed database and activate PAN-DB
The firewall must have Internet access; you cannot
manually upload the PAN-DB seed database.
In the PAN-DB URL Filtering section,
Choose a region (North America, Europe, APAC, Japan)
and then click
to start the download.
After the download completes, click
If PAN-DB is already the active URL filtering vendor
and you click
, this will reactivate
PAN-DB by clearing the dataplane and management plane caches and
replacing them with the contents of the new seed database. You should
avoid doing this unless it is necessary, as you will lose your cache,
which is customized based on the web traffic that has previously passed
through the firewall based on user activity.
Schedule the firewall to download dynamic updates for
Applications and Threats.
A Threat Prevention license is required to receive content
updates, which covers Antivirus and Applications and Threats.
In the Schedule field in the Applications and Threats
section, click the
link to schedule
You can only schedule dynamic updates if the firewall
has direct Internet access. If updates are already scheduled in
a section, the link text displays the schedule settings.
Applications and Threats updates sometimes contain updates for URL
filtering related to the
Safe Search Enforcement
in the URL filtering profile (
). For example,
if Palo Alto Networks adds support for a new search provider vendor
or if the method used to detect the Safe Search setting for an existing vendor
changes, the Application and Threats updates will include that update.