How to create policy to allow executable file in Paloalto Firewall

In a case your company would like to allow download an executable file from certain website, you can create a policy. Here is how.

  1. Go to Objects>Security Profiles>File Blocking, create an object, for example Allow-exe-pe-files-cdn.stf.com.

Note: you can add more files here in the future.

2. Go to Custom Objects>URL Category. Add an object, Allow-url-cdn.stf.com in our example.

Note: you can add more URL here in the future.

3. Create a policy under Security, Trust to Internet to allow file_exe in out case. This policy must be top of other policy “Trust to Internet” # 11. We can put Trust to Internet to allow file_exe  on #10

4. Run Commit to save the settings.

Published by

Bob Lin

Bob Lin, Chicagotech-MVP, MCSE & CNE Data recovery, Windows OS Recovery, Networking, and Computer Troubleshooting on http://www.ChicagoTech.net How to Install and Configure Windows, VMware, Virtualization and Cisco on http://www.HowToNetworking.com