That should have been "...if I create a network object for media.pearsoncmg.com..."
On Tue, Aug 30, 2011 at 11:54 AM, Richard Stovall <[email protected]> wrote: > On my SonicWall, if a create a rule for media.pearsoncmg.com, I can > write rules which allow or deny access no matter the underlying ip. > Here's the definition SonicWall uses to describe ther FQDN network > object. > > FQDN Address Objects are resolved using the DNS servers configured on > the SonicWALL in > the Network > DNS page. Since it is common for DNS entries to resolve > to multiple IP > addresses, the FQDN DAO resolution process will retrieve all of the > addresses to which a host > name resolves, up to 256 entries per AO. In addition to resolving the > FQDN to its IPs, the > resolution process will also associate the entry’s TTL (time to live) > as configured by the DNS > administrator. TTL will then be honored to ensure the FQDN information > does not become > stale. > > On Tue, Aug 30, 2011 at 11:40 AM, Ben Scott <[email protected]> wrote: >> On Tue, Aug 30, 2011 at 9:50 AM, Richard Stovall <[email protected]> wrote: >>> I don't know about other firewalls, but recent SonicWalls allow you to >>> create network objects based on FQDN and then use those objects in >>> your rules. >> >> How does that cope with a CDN which might generate different IP >> addresses at any given time? >> >> -- Ben >> >> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >> >> --- >> To manage subscriptions click here: >> http://lyris.sunbelt-software.com/read/my_forums/ >> or send an email to [email protected] >> with the body: unsubscribe ntsysadmin >> > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to [email protected] > with the body: unsubscribe ntsysadmin > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
