Error:
An unexpected error occurred. Please click Reload to try again.
Error:
An unexpected error occurred. Please click Reload to try again.
How to block a Windows update - Knowledge Base - Palo Alto Networks

How to block a Windows update

87189
Created On 09/25/18 19:43 PM - Last Modified 06/01/23 02:57 AM


Resolution


Overview

The Palo Alto Networks firewall can block access to windows updates for all users. To do so, block relevant URLs in the URL filtering profile.

 

Keep reading to learn how to block Windows updates for all windows machines inside the network. 

 

Steps

  1. Go to Objects > Security Profiles > URL filtering and click Add.
  2. Give the profile a name and add the below URLs in the block list, with the action selected as "block," and click OK.
    windowsupdate.microsoft.com
    *.windowsupdate.microsoft.com
    *.update.microsoft.com
    *.windowsupdate.com
    download.windowsupdate.com
    download.microsoft.com
    *.download.windowsupdate.com
    wustat.windows.com
    ntservicepack.microsoft.com
    *.ws.microsoft.comwindowsupdate1.jpg
  3. Call this newly created URL filtering profile in the relevant security policy.
  4. Click OK and commit the changes.windowsupdate2.jpg

 



Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClbvCAC&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Choose Language