End-of-Life (EoL)

Content Delivery Network Infrastructure for Dynamic Updates

Palo Alto Networks maintains a Content Delivery Network (CDN) infrastructure for delivering content updates to the Palo Alto Networks firewalls. The firewalls access the web resources in the CDN to perform various App-ID and Content-ID functions. For enabling and scheduling the content updates, see Install Content and Software Updates.
The following table lists the web resources that the firewall accesses for a feature or application:
Static Addresses (If a static server is required)
Application Database
  • updates.paloaltonetworks.com:443
Threat/Antivirus Database
  • updates.paloaltonetworks.com:443
  • downloads.paloaltonetworks.com:443
As a best practice, set the update server to updates.paloaltonetworks.com. This allows the Palo Alto Networks firewall to receive content updates from the server closest to it in the CDN infrastructure.
PAN-DB URL Filtering
Resolves to the primary URL s0000.urlcloud.paloaltonetworks.com and is then redirected to the regional server that is closest:
  • s0100.urlcloud.paloaltonetworks.com
  • s0200.urlcloud.paloaltonetworks.com
  • s0300.urlcloud.paloaltonetworks.com
  • s0500.urlcloud.paloaltonetworks.com
Static IP addresses are not available. However, you can manually resolve a URL to an IP address and allow access to the regional server IP address.
BrightCloud URL Filtering
  • database.brightcloud.com:443/80
  • service.brightcloud.com:80
Contact BrightCloud Customer Support.

Recommended For You