As the following blog shows, a new PAN-DB URL category, command-and-control, will be released.https://live.paloaltonetworks.com/t5/Community-Blog/Command-and-Control-C2/ba-p/179026This article introduces the steps to make sure that the command-and-control category is recognized by PAN-DB URL Filtering feature using the 'test url' command.
After ensuring your firewall meets the prerequisites:
Log in to your firewall managment WebUI with the administrative account. The URL is http or https:// the management IP of your firewall.
Go to Device > Setup > Content-ID and make sure there is no value in PAN-DB Server. If there is any value in PAN-DB Server, please delete it and commit the change.
Log in to your firewall managment CLI with the administrative account.
Run the following command to verify if the Command-and-Control category is properly recognized by PAN-DB URL Filtering feature.
admin@myNGFW>test url urlfiltering.paloaltonetworks.com/test-command-and-controlurlfiltering.paloaltonetworks.com/test-command-and-control command-and-control (Base db) expires in 1800 secondsurlfiltering.paloaltonetworks.com/test-command-and-control command-and-control (Cloud db)