what about using this as a solution:
http://www.akamai.com/html/misc/akamai_client/netsession_interface_faq.html
Richard Stovall wrote:
That should have been "...if I create a network object for
media.pearsoncmg.com..."
On Tue, Aug 30, 2011 at 11:54 AM, Richard Stovall <[email protected]> wrote:
On my SonicWall, if a create a rule for media.pearsoncmg.com, I can
write rules which allow or deny access no matter the underlying ip.
Here's the definition SonicWall uses to describe ther FQDN network
object.
FQDN Address Objects are resolved using the DNS servers configured on
the SonicWALL in
the Network > DNS page. Since it is common for DNS entries to resolve
to multiple IP
addresses, the FQDN DAO resolution process will retrieve all of the
addresses to which a host
name resolves, up to 256 entries per AO. In addition to resolving the
FQDN to its IPs, the
resolution process will also associate the entry’s TTL (time to live)
as configured by the DNS
administrator. TTL will then be honored to ensure the FQDN information
does not become
stale.
On Tue, Aug 30, 2011 at 11:40 AM, Ben Scott <[email protected]> wrote:
On Tue, Aug 30, 2011 at 9:50 AM, Richard Stovall <[email protected]> wrote:
I don't know about other firewalls, but recent SonicWalls allow you to
create network objects based on FQDN and then use those objects in
your rules.
How does that cope with a CDN which might generate different IP
addresses at any given time?
-- Ben
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to [email protected]
with the body: unsubscribe ntsysadmin
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to [email protected]
with the body: unsubscribe ntsysadmin
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to [email protected]
with the body: unsubscribe ntsysadmin
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to [email protected]
with the body: unsubscribe ntsysadmin
