How to block a Windows update

How to block a Windows update

79106
Created On 09/25/18 19:43 PM - Last Modified 06/01/23 02:57 AM


Resolution


Overview

The Palo Alto Networks firewall can block access to windows updates for all users. To do so, block relevant URLs in the URL filtering profile.

 

Keep reading to learn how to block Windows updates for all windows machines inside the network. 

 

Steps

  1. Go to Objects > Security Profiles > URL filtering and click Add.
  2. Give the profile a name and add the below URLs in the block list, with the action selected as "block," and click OK.
    windowsupdate.microsoft.com
    *.windowsupdate.microsoft.com
    *.update.microsoft.com
    *.windowsupdate.com
    download.windowsupdate.com
    download.microsoft.com
    *.download.windowsupdate.com
    wustat.windows.com
    ntservicepack.microsoft.com
    *.ws.microsoft.comwindowsupdate1.jpg
  3. Call this newly created URL filtering profile in the relevant security policy.
  4. Click OK and commit the changes.windowsupdate2.jpg

 
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClbvCAC&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Choose Language