Skip to main content

Palo Alto Networks PAN-OS And Prisma Access Allowlist

Sebastian Salla
Updated

If you're using web and URL filtering protections offered by Palo Alto Networks, you'll need to configure some allowlisting rules to exempt our phishing websites from the built-in malicious URL categories. Once configured, you'll have no issues with accessing our simulated phishing websites.

Note: The provided guidance is derived from Palo Alto Networks official URL allowlisting guidance. Depending on the type or version of the product being used, this guidance may differ slightly.

 

Step 1. Create A Custom URL Category

Step 1.1. Login to your PAN-OS or Panorama administrative console and select Objects > Custom Objects > URL Category.

Step 1.2. Add a custom URL category, and give the category a descriptive Name (e.g. CanIPhish Simulated Phishing Websites).

Step 1.3. Set the category Type to URL List.

Step 1.4. One-by-one add all CanIPhish Website Domains to the URL list, ensuring wildcards are supplied for the sub-domains. See the full list of CanIPhish Phishing Website Domains:

*.authwebmail.com
*.cmail31.com
*.securesupportcloud.com
*.webnotifications.net
*.alerting-services.com
*.onlineverify.net
*.verificationweb.net
*.portal-login.net
*.cloud-notification-services.com
*.authenticationsecure.com

Step 1.5. Click OK to save the custom URL category.

Step 2. Add The New URL Category To A URL Filtering Profile

Step 2.1. Select Objects > Security Profiles > URL Filtering and Add a URL Filtering profile.

Step 2.2. Give the new Security Profile a descriptive name (e.g. CanIPhish Phishing Website Allowlist).

Step 2.3. The 'CanIPhish Simulated Phishing Websites' custom category created in Step 1 should display under Custom URL Categories:

Step 2.4. Ensure both the 'Site Access' and 'User Credential Submission' fields are both set to allow for the 'CanIPhish Simulated Phishing Websites' custom category.

Step 3. Attach The URL FIltering Profile To Your Security Policies

Step 3.1. Select Policies > Security and then choose the policy you wish to attach your new URL Filtering Profile to. Once chosen, go to the Actions tab.

Step 3.2. Under the Profile Setting section, change the Profile Type to Profiles.

Step 3.3. Click the URL Filtering dropdown and select your previously created URL Filtering profile (e.g. CanIPhish Phishing Website Allowlist).

Step 3.4. Click OK and then make sure to hit Commit. Your new URL exemptions should now be live!

 

URL allowlisting can be tricky. If you run into any issues, please don't hesitate to contact the CanIPhish team for support.

 

 

Related articles

Comments

0 comments

Please sign in to leave a comment.

Powered by Zendesk