How to Block Web Browsing while Allowing Microsoft Updates

How to Block Web Browsing while Allowing Microsoft Updates

30345
Created On 09/25/18 17:39 PM - Last Updated 04/20/20 21:49 PM


Resolution

The following procedure will block web browsing while allowing Microsoft updates.

  1. Create a URL filter to block all URL categories (Objects > Security Profiles > URL Filtering)
  2. Add the following sites to the allow list:
    • windowsupdate.microsoft.com
    • *.microsoft.com
    • download.windowsupdate.com
    • *.windowsupdate.com
  3. Create a security policy to allow the following applications:
    • Go to Policies > Security and add a new rule. Under Application, include ms-update and web-browsing
    • Under Profile add the URL filter created for ms-update.
      url_1.JPG
      url_2.jpg 

owner: panagent



Attachments
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClHXCA0&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Attachments
Choose Language