URL Filtering vs. Advanced URL Filtering

Overview

Palo Alto Networks offers two levels of URL filtering services: URL Filtering and Advanced URL Filtering. While both aim to control and secure web access, they differ in capabilities, detection methods, and protection against web-based threats.

Comparison Table

| Feature | URL Filtering | Advanced URL Filtering |
| --- | --- | --- |
| Detection Method | Database-driven (PAN-DB) | Database + Real-time ML/Deep Learning Analysis |
| Threat Coverage | Known threats based on URL categories | Known and unknown threats, including zero-day and evasive attacks |
| Real-time Analysis | No | Yes, with inline machine learning and deep learning |
| Credential Phishing Prevention | Limited | Enhanced, with real-time detection of phishing sites |
| Inline Categorization | No | Yes, with cloud-based analysis for suspicious URLs |
| License Availability | Discontinued | Available and includes all features of URL Filtering |

URL Filtering

Traditional URL Filtering relies on the PAN-DB database to categorize websites and enforce access policies based on predefined categories. It provides control over web access but lacks real-time analysis capabilities, making it less effective against newly emerging threats.

Advanced URL Filtering

Advanced URL Filtering enhances traditional URL Filtering by incorporating real-time analysis using machine learning and deep learning techniques. It can detect and block unknown and evasive web-based threats, including zero-day attacks and sophisticated phishing attempts. This service offers inline categorization, allowing the firewall to analyze web content in real time and enforce security policies accordingly.

Sequence Diagram: Advanced URL Filtering Workflow

sequenceDiagram
    participant User
    participant Firewall
    participant PAN-DB
    participant Advanced URL Filtering Cloud

    User->>Firewall: Requests URL
    Firewall->>PAN-DB: Check URL Category
    alt URL Category Known
        PAN-DB-->>Firewall: Return Category
        Firewall-->>User: Allow/Block based on policy
    else URL Category Unknown or Suspicious
        PAN-DB-->>Firewall: Unknown Category
        Firewall->>Advanced URL Filtering Cloud: Submit URL for Analysis
        Advanced URL Filtering Cloud-->>Firewall: Return Verdict
        Firewall-->>User: Allow/Block based on analysis
    end
    
