How to block a Windows update

How to block a Windows update

29082
Created On 09/25/18 19:43 PM - Last Updated 04/21/20 00:20 AM


Resolution

Overview

The Palo Alto Networks firewall can block access to windows updates for all users. To do so, block relevant URLs in the URL filtering profile.

 

Keep reading to learn how to block Windows updates for all windows machines inside the network. 

 

Steps

  1. Go to Objects > Security Profiles > URL filtering and click Add.
  2. Give the profile a name and add the below URLs in the block list, with the action selected as "block," and click OK.
    windowsupdate.microsoft.com
    *.windowsupdate.microsoft.com
    *.update.microsoft.com
    *.windowsupdate.com
    download.windowsupdate.com
    download.microsoft.com
    *.download.windowsupdate.com
    wustat.windows.com
    ntservicepack.microsoft.com
    *.ws.microsoft.comwindowsupdate1.jpg
  3. Call this newly created URL filtering profile in the relevant security policy.
  4. Click OK and commit the changes.windowsupdate2.jpg

 



Attachments
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClbvCAC&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Attachments
Choose Language