Content Delivery Network Infrastructure

Palo Alto Networks maintains a Content Delivery Network (CDN) infrastructure for delivering content updates to the Palo Alto Networks firewalls. The firewalls access the web resources in the CDN to perform various content and application identification functions.
The following table lists the web resources that the firewall accesses for a feature or application:
Resource
URL
Static Addresses (If a static server is required)
Application Database
  • updates.paloaltonetworks.com:443
staticupdates.paloaltonetworks.com
Threat/Antivirus Database
  • updates.paloaltonetworks.com:443
  • downloads.paloaltonetworks.com:443
As a best practice, set the update server to updates.paloaltonetworks.com. This allows the Palo Alto Networks firewall to receive content updates from the server closest to it in the CDN infrastructure.
staticupdates.paloaltonetworks.com
PAN-DB URL Filtering
*.urlcloud.paloaltonetworks.com
Resolves to the primary URL s0000.urlcloud.paloaltonetworks.com and is then redirected to the regional server that is closest:
  • s0100.urlcloud.paloaltonetworks.com
  • s0200.urlcloud.paloaltonetworks.com
  • s0300.urlcloud.paloaltonetworks.com
  • s0500.urlcloud.paloaltonetworks.com
Static IP addresses are not available. However, you can manually resolve a URL to an IP address and allow access to the regional server IP address.
BrightCloud URL Filtering
  • database.brightcloud.com:443/80
  • service.brightcloud.com:80
Contact BrightCloud Customer Support.

Related Documentation