Unable to use predefined External Dynamic Lists on the Palo Alto Firewall or Panorama

33415

Created On 05/23/19 03:19 AM - Last Modified 05/17/22 17:56 PM

Antivirus

Dynamic Updates

Security Policy

Initial Configuration

Installation

8.1

8.0

9.0

PAN-OS

Symptom

Unable to find pre-defined External Dynamic Lists to be used as Source or Destination while creating a Security Policy.
The predefined External Dynamic Lists are not available to be referenced, while creating a custom External Dynamic List.
Navigate to Objects > External Dynamic Lists, but no predefined External Dynamic List is present.

The predefined External Dynamic Lists available are :-
- Palo Alto Networks Bulletproof IP Addresses—Contains IP addresses provided by bulletproof hosting providers. Because bulletproof hosting providers place few, if any, restrictions on content, attackers frequently use these services to host and distribute malicious, illegal, and unethical material.
- Known malicious IP addresses:This list includes malicious IP addresses that are currently used almost exclusively by malicious actors for malware distribution, command-and-control, or for launching various attacks. This list has been verified by our threat research team to be malicious.
- Palo Alto Networks - High-risk IP addresses: This list includes IP addresses that have recently been featured in threat activity advisories distributed by high-trust organizations; however, Palo Alto Networks does not have direct evidence of maliciousness.
These External Dynamic Lists are available as a part of the Antivirus Dynamic Updates on the Palo Alto Networks Firewalls.

Install Antivirus from GUI: Device > Dynamic Updates, before the predefined External Dynamic Lists populate under GUI: Objects > External Dynamic Lists.
A valid Threat Prevention license is required to be loaded on the Palo Alto Networks Firewall for installing Antivirus.
Applications and Threats needs to be installed on the Firewall before installing Antivirus.