One of the really cool things you can do with the Palo Alto firewall is create external dynamic lists, which aggregate a number of different resource types so that the firewall can dynamically act on the objects in the list to apply policy, etc. As I have covered in the past, there is a really great solution that was brought forth by Palo Alto and open sourced called Minemeld. With Minemeld you can aggregate a number of different EDL resources and present these to the Palo Alto.

However, recently, I had a quick use case in conjunction with dynamic DNS hosts: applying policy to allow dynamic DNS hostnames to connect to a Palo Alto firewall. I wasn't able to quickly figure out an easy way to do this in Minemeld (as I am sure it can be). However, expediency often breeds solutions at the spur of the moment. I was able to instead use a simple PowerShell script to poll a couple of dynamic DNS names and create a text file that I could host on an internal web server to feed a Palo Alto EDL. In this post, we will take a look at how to use PowerShell to create a Palo Alto EDL for dynamic DNS clients.

What are Palo Alto External Dynamic Lists or EDLs?

External Dynamic Lists or EDLs are text files hosted on a web server that a Palo Alto firewall connects to in order to dynamically import objects, including IP addresses, URLs, and domains. These can then be used in policy enforcement, either in a positive or negative sense. The advantage of the EDLs is they are dynamic. This means that objects in the EDL can change, and you don't have to go in and manually update policies: because the policies are configured with the EDL, they change automatically.
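The approach described above (polling dynamic DNS names and writing a text file for the firewall to fetch) could look like the following. This is an added example, not the author's script; the hostnames and the output path are placeholders chosen for illustration.

```powershell
# Added example: build an IP-type EDL file from dynamic DNS hostnames.
# Assumptions (not from the post): the hostnames and the web root path below.
$DdnsHosts = @('client1.ddns.example.com', 'client2.ddns.example.com')
$EdlPath   = 'C:\inetpub\wwwroot\edl\ddns-clients.txt'

function Get-EdlEntries {
    param([string[]]$HostNames)

    $entries = foreach ($name in $HostNames) {
        try {
            # CNAME chains return extra records, so keep A records only
            Resolve-DnsName -Name $name -Type A -DnsOnly -ErrorAction Stop |
                Where-Object { $_.Type -eq 'A' } |
                ForEach-Object { $_.IPAddress }
        }
        catch {
            Write-Warning "Lookup failed for ${name}: $($_.Exception.Message)"
        }
    }

    # Keep only well-formed IPv4 addresses, de-duplicated and sorted.
    # Whoever controls the DDNS record controls what lands in this list,
    # so the policy that uses it should stay narrowly scoped.
    $entries | Where-Object {
        $parsed = $null
        [System.Net.IPAddress]::TryParse($_, [ref]$parsed) -and
            $parsed.AddressFamily -eq 'InterNetwork'
    } | Sort-Object -Unique
}

$ips = @(Get-EdlEntries -HostNames $DdnsHosts)

if ($ips.Count -eq 0) {
    # Do not publish an empty list on a DNS outage; keep the last good file
    Write-Warning 'No addresses resolved; existing EDL left unchanged.'
    return
}

# Write to a temp file and then replace the live file, so the firewall
# never fetches a half-written list. One IP address per line.
$tmp = "$EdlPath.tmp"
Set-Content -Path $tmp -Value $ips -Encoding ascii
Move-Item -Path $tmp -Destination $EdlPath -Force
```

Run it on a schedule shorter than the refresh interval configured for the EDL on the firewall, so an address change on the client side reaches policy at the next fetch.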