What if an encrypted site displays suspicious characteristics (for example, the domain was previously associated with malware) yet isn’t overtly malicious? Put URL Filtering to work. Implement a policy that automatically enables SSL decryption for certain sites or categories of sites, such as personal blogs, file sharing sites and high-risk URLs. Selective decryption enables an optimal security policy while respecting confidential traffic parameters.
Phishing is a malicious technique used frequently for credential theft. When stolen, genuine credentials provide attackers with “authorized” network access. URL Filtering works as part of the Palo Alto Networks Security Operating Platform to stop credential theft as it’s happening. Your policy dictates whether to block the credentials from being submitted or notify the user of a potentially dangerous action.
We recommend blocking malicious categories, including Malware, Command and Control, and Phishing on day one. Many URLs fall in the gray area between benign and malicious. Blocking all of them leads to unhappy users and business interruptions. With URL Filtering you can enable stricter logging for high-risk sites or block them. This adds protection where it’s needed most without causing friction or disruption.
1 Mozilla. “Internet Health Report 2018”
2 Google. “2019 Google Transparency Report: HTTPS encryption on the web”
3 Verizon. “2018 Data Breach Investigations Report”
4 Proofpoint. “2019 State of the Phish Report”
5 Verizon. “2017 Data Breach Investigations Report”
7 IDG. “2018 U.S. State of Cybercrime”
8 Palo Alto Networks, Unit 42