Our Dynamic Block List (DBL) configuration guide was accurate at the time of writing but vendors change things frequently! If you find errors or anything is outdated, let us know by raising a request in the Samurai Help Center and we shall get it updated.
The DBL is sized at approximately 40,000 URLs. Should memory exhaustion occur due to multiple Profile usage, ensure to manage your device(s) to avoid such a situation by performance and log monitoring.
Connection Requirements
You will need to ensure your Palo Alto Networks device(s) can reach a specific URL to obtain the DBL. This information will be provided to you once subscribed.
Parameter | Note |
Connection Port | TCP / 80 |
DBL URL | NTT will provide a unique URL to you to download the DBL URL list |
Table 1: Connections requirements
To complete this configuration you will need to:
From your Palo Alto Networks device:
- Configure an External Dynamic List (EDL)
- Configure a URL Filtering Profile
- Configure security policy rule
Configure an External Dynamic List (EDL)
Follow the steps outlined within the Palo Alto Networks documentation:
Use the following parameters when completing the steps:
Field Name | Parameter |
Name | Whatever you want, however we suggest NTT_DBL |
Type |
URL List |
Source | DBL URL will be provided to you upon enablement of the add-on |
Certificate Profile | None |
Check for updates | hourly |
Table 2: EDL Configuration
Tips:
- Select your specific PAN OS version when reviewing Palo Alto Networks documentation (we have linked version 10.2)
- To find out more information about EDL's refer to Palo Alto Networks documentation External Dynamic Lists
- Once completed, follow the Palo Alto Networks documentation linked to y'Test Source URL' to ensure the DBL can be accessed
Configure a URL Filtering Profile
Follow the steps outlined within the Palo Alto Networks documentation:
Use the following parameters for the EDL created in Configure an External Dynamic List when completing the steps:
Field Name | Parameter |
Profile Name | We suggested NTT_DBL |
Site Access |
Block |
User Credential Submission | Block |
Table 3: URL filtering profile
Configure security policy rule
Follow the steps outlined within the Palo Alto Networks documentation:
Use the following parameters in the Actions tab when completing the steps:
Field Name | Parameter |
Profile Setting Type | Profiles |
URL Filtering Profile | we suggested NTT_DBL |
Log at Session Start | Disabled |
Log at Session End | Enabled |
Comments
0 comments
Article is closed for comments.