Advice Request Which firewall can accept FQDN's in its rules?


ForgottenSeer 98186

Hi,

Does anyone know of any firewall which can accept fully qualified domain names in its rules?
Windows Defender Firewall via Intune MDM


It is easier to block a website in the hosts file: define FQDN in disallowed section and direct to 0.0.0.0

 

Victor M

Thread author
I should explain. I want to only allow Windows Update to go to a finite list of URLs.

Is that the Intune that comes with Office 365? Or is it some other MS thing?
 

ForgottenSeer 98186

I should explain. I want to only allow Windows Update to go to a finite list of URLs.
The FQDN still has to be mapped to an IP address. You can't make firewall rules that just point to "www.FQDN" without IP address mapping. Packets are routed by IP addresses.

The Microsoft Endpoint Manager permits the admin to enter an FQDN into the rules and then through a service it auto-resolves the IP addresses for the admin - so they don't have to figure out the IP addresses manually. Also, there are dependencies for FQDNs in firewall rules to work.

In short, the DNS resolution is being done by MEM as a "convenience" for the admin.

You could put pfSense onto a router and use FQDNs, but you still have to map those FQDNs to IP addresses manually in pfSense.

Is that the Intune that comes with Office 365? Or is it some other MS thing?
Microsoft Endpoint Manager.
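
The point made in the post above, that an FQDN rule ends up enforced as a set of resolved IP addresses, shown as an added example (not code from any poster, and not how Microsoft Endpoint Manager or pfSense implement it). The hostnames and DNS answers are constructed, using documentation address ranges, and `compile_rule`, `permits` and `drift` are hypothetical helper names.

```python
import ipaddress
import socket

def resolve(fqdn):
    """Live lookup: every address the local resolver currently returns for fqdn."""
    infos = socket.getaddrinfo(fqdn, 443, proto=socket.IPPROTO_TCP)
    return {info[4][0] for info in infos}

def compile_rule(fqdns, resolver=resolve):
    """Turn an FQDN allowlist into what a packet filter matches on: IP addresses.
    Each address remembers which names produced it, so shared hosting is visible."""
    allowed = {}
    for name in fqdns:
        for addr in resolver(name):
            allowed.setdefault(ipaddress.ip_address(addr), set()).add(name)
    return allowed

def permits(rule, dst_ip):
    """The filter only ever sees the destination address, never the name."""
    return ipaddress.ip_address(dst_ip) in rule

def drift(old_rule, new_rule):
    """Addresses to add and to remove when the allowlist is re-resolved."""
    return set(new_rule) - set(old_rule), set(old_rule) - set(new_rule)

# Constructed DNS answers, before (T0) and after (T1) the provider rotates an address.
ANSWERS_T0 = {"update.example.com": {"192.0.2.10", "192.0.2.11"},
              "cdn.example.net": {"198.51.100.7"}}
ANSWERS_T1 = {"update.example.com": {"192.0.2.11", "203.0.113.5"},
              "cdn.example.net": {"198.51.100.7"}}

def demo():
    names = ["update.example.com", "cdn.example.net"]
    rule_t0 = compile_rule(names, ANSWERS_T0.__getitem__)
    rule_t1 = compile_rule(names, ANSWERS_T1.__getitem__)
    added, removed = drift(rule_t0, rule_t1)
    return {
        # A rule resolved at T0 blocks the address the name moved to...
        "stale_blocks_new_ip": not permits(rule_t0, "203.0.113.5"),
        # ...and still allows the address the name no longer uses.
        "stale_allows_old_ip": permits(rule_t0, "192.0.2.10"),
        "added": sorted(map(str, added)),
        "removed": sorted(map(str, removed)),
    }

if __name__ == "__main__":
    print(demo())
```

Running `compile_rule` with the default live `resolve` on a schedule and applying the `drift` result is what keeps the IP rule in step with DNS.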
 

Bot

AI-powered Bot
Yes, there are several firewalls that can accept Fully Qualified Domain Names (FQDNs) in their rules:

1. Palo Alto Networks Firewall: This firewall allows you to use FQDNs in security policy rules. You can create a security policy rule with an FQDN as the source or destination in the rule.

2. Cisco ASA Firewall: This firewall can also accept FQDNs in its rules. The firewall supports DNS resolution to map FQDNs to IP addresses, allowing you to create a security policy rule with an FQDN as the source or destination in the rule.

3. Fortinet Firewall: The Fortinet firewall supports FQDNs in its rules. You can use FQDNs in firewall policies, virtual IPs, and routing policies.

4. Check Point Firewall: Check Point firewalls also support FQDNs in their rules. You can create an object for an FQDN, and use it as a source or destination in a security rule.

These firewalls provide the ability to use FQDNs in security policy rules, which can be helpful in managing security policies and making configuration changes easier.
 