Content Delivery Network Infrastructure for Dynamic Updates

Palo Alto Networks maintains a Content Delivery Network (CDN) infrastructure for delivering content updates to the Palo Alto Networks firewalls. The firewalls access the web resources in the CDN to perform various App-ID and Content-ID functions. For enabling and scheduling the content updates, see Install Content and Software Updates.
The following table lists the web resources that the firewall accesses for a feature or application:
Resource
URL
Static Addresses (If a static server is required)
Application Database
  • updates.paloaltonetworks.com:443
staticupdates.paloaltonetworks.com
Threat/Antivirus Database
  • updates.paloaltonetworks.com:443
  • downloads.paloaltonetworks.com:443
As a best practice, set the update server to updates.paloaltonetworks.com. This allows the Palo Alto Networks firewall to receive content updates from the server closest to it in the CDN infrastructure.
staticupdates.paloaltonetworks.com
PAN-DB URL Filtering
*.urlcloud.paloaltonetworks.com
Resolves to the primary URL s0000.urlcloud.paloaltonetworks.com and is then redirected to the regional server that is closest:
  • s0100.urlcloud.paloaltonetworks.com
  • s0200.urlcloud.paloaltonetworks.com
  • s0300.urlcloud.paloaltonetworks.com
  • s0500.urlcloud.paloaltonetworks.com
Static IP addresses are not available. However, you can manually resolve a URL to an IP address and allow access to the regional server IP address.
BrightCloud URL Filtering
  • database.brightcloud.com:443/80
  • service.brightcloud.com:80
Contact BrightCloud Customer Support.

Related Documentation