Using Domain Name elements in Firewall Access rules
You can use Domain Name elements in Access rules to represent a fully qualified domain name (FQDN) that might be associated with multiple IP addresses.
If you have specified one or more DNS servers in the engine’s properties, the engine periodically queries the DNS server to automatically resolve domain names to IP addresses. This makes it possible to create rules that remain valid even if new addresses are added to the domain or the domain’s IP addresses change. If the DNS server returns multiple IP addresses for the same domain name, the engine associates all of the IP addresses with the domain name. However, if a large number of IP addresses are associated with the same domain name, the DNS server might reply with only a few of them at a time. In this case, the engine might need to make additional queries to the DNS server to resolve all the IP addresses for the domain name. By default, the engine queries the DNS server every six minutes. Resolved IP addresses are kept in the engine’s DNS cache for a maximum of one hour by default.
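The resolution behaviour described above, as an added example that is not Forcepoint's code: a model of a Domain Name element that polls a DNS lookup on the stated interval, merges partial replies into its address cache, ages entries out after the stated maximum, and answers whether a rule would match a given address. The FQDN, addresses and the stub lookup are constructed; the real engine queries its configured DNS servers.

```python
# Added example (not Forcepoint's code): a model of how an engine can turn a
# Domain Name element into the address set an Access rule matches. Assumes a stub
# DNS lookup and the 6-minute query interval and 1-hour max cache age from the text.
QUERY_INTERVAL = 6 * 60   # seconds between DNS queries
CACHE_MAX_AGE = 60 * 60   # seconds an address stays cached after it was last seen

class DomainNameElement:
    def __init__(self, fqdn, lookup):
        self.fqdn, self.lookup = fqdn, lookup
        self.cache = {}                    # ip -> time last returned by DNS
        self.last_query = float("-inf")

    def refresh(self, now):
        """Query DNS once the interval has elapsed, merge the reply into the cache
        (a reply may carry only some of the addresses), then drop expired entries."""
        if now - self.last_query >= QUERY_INTERVAL:
            for ip in self.lookup(self.fqdn):
                self.cache[ip] = now
            self.last_query = now
        self.cache = {ip: t for ip, t in self.cache.items() if now - t < CACHE_MAX_AGE}

    def matches(self, ip, now):
        """True if a rule using this element would match traffic to or from ip."""
        self.refresh(now)
        return ip in self.cache

def make_partial_lookup(zone, per_reply=2):
    """Constructed DNS stub: answers with only per_reply of the zone's addresses,
    rotating on each call, like a server that replies with a few at a time."""
    state = {"n": 0}
    def lookup(fqdn):
        addrs = zone.get(fqdn, [])
        if not addrs: return set()
        start = (state["n"] * per_reply) % len(addrs)
        state["n"] += 1
        return {addrs[(start + k) % len(addrs)] for k in range(per_reply)}
    return lookup

def simulate():
    """Partial replies, an address the engine never saw, then an address change."""
    zone = {"app.example.com": ["192.0.2.10", "192.0.2.11", "192.0.2.12", "192.0.2.13"]}
    elem = DomainNameElement("app.example.com", make_partial_lookup(zone))
    r = {}
    r["first_reply_partial"] = elem.matches("192.0.2.12", 0)      # False: not in reply 1
    r["merged_after_second"] = elem.matches("192.0.2.12", 360)    # True: reply 2 merged in
    r["unknown_ip"] = elem.matches("203.0.113.5", 360)            # False: never resolved
    zone["app.example.com"] = ["192.0.2.20", "192.0.2.21"]        # the domain's addresses change
    r["old_ip_still_cached"] = elem.matches("192.0.2.10", 720)    # True: under an hour old
    r["old_ip_expired"] = elem.matches("192.0.2.10", 4320)        # False: past max cache age
    r["new_ip_learned"] = elem.matches("192.0.2.20", 4320)        # True
    return r
```

The run shows the consequence of polling: an address is matched only after it has appeared in a DNS reply the engine received, and an address removed from the domain keeps matching until its cache entry ages out.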
Domain Name elements also enable the use of custom dynamic elements in Access rules. The FQDN domain suffix .namedb.local is recognized by the NGFW Engine and handled by specific custom resolver scripts. For more information, see Knowledge Base article 33503.