Palo Alto Next Generation Firewall - Rulesets on UW-Madison Wireless and WiscVPN networks

This document summarizes the rules in place on Palo Alto Next Generation network firewalls for the UW-Madison Wireless and WiscVPN networks.

Background

In order to reduce the risk of known threats, the UW-Madison Wireless UWNet/Eduroam and WiscVPN services implemented network protections using the advanced features of Palo Alto Networks' Next Generation Firewall.

Palo Alto Protections

The UWNet/Eduroam wireless service allows for protection of client devices though the use of Palo Alto's URL filtering security feature.
Web accesses to addresses associated with the following categories will be blocked:
  • command-and-control
  • phishing
  • malware

NO SSL decryption is enabled so no banking and passwords are decoded.

The web addresses mapped to these categories are updated periodically by Palo Alto.

More information about these categories can be found at https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000Cm5hCAC

Support

If a block to a web site (http) has been made during an interactive browsing session, the below message will be returned on the browser:
Web Page Blocked Pop-Up Phishing Example
If you believe a web site is incorrectly blocked, you can request that it be re-tested by Palo Alto at https://urlfiltering.paloaltonetworks.com/  The same link can also be used to learn if a web site is currently blocked.

You can also contact the DoIT Help Desk to report possible blocking issues with the campus Wireless and WiscVPN ruleset by calling 608-264-HELP or by sending an email to cybersecurity@cio.wisc.edu (monitored during business hours).


Keywords:
palo alto next generation firewall rule ruleset wireless wiscvpn block web site 
Doc ID:
86279
Owned by:
Vincent A. in Cybersecurity
Created:
2018-10-05
Updated:
2023-10-09
Sites:
DoIT Help Desk, Office of Cybersecurity