Create a Standalone FQDN Filter Profile

Use the following procedure to create a standalone FQDN filter profile:

Procedure


Step 1

In the Security Cloud Control platform menu, choose Products > Multicloud Defense .

Step 2

Navigate to Policies > Profiles > FQDN Filtering.

Step 3

Click Create.

Step 4

Provide a unique Name.

Step 5

(Optional) Enter a Description. This may help differentiate between profiles with a similar name.

Step 6

Specify the Type as Standalone.

Step 7

Click Add to create a new row.

Step 8

Specify individual FQDNs (for example, google.com).

  1. Each FQDN is specified as a PCRE (Perl Compatible Regular Expression).

  2. Consider escaping the "." character else it will be treated as a single character wildcard.

Step 9

Specify a Category (for example, Gambling, Sports, Social Networking).

Step 10

Specify the policy Action for the user-specified FQDNs/Categories, Uncategorized and ANY rows.

  • Allow Log - Allow the requests and log an event.

  • Allow No Log - Allow the requests and do not log an event.

  • Deny Log - Deny the requests and log an event.

  • Deny No Log - Deny the requests and do not log an event.

Step 11

(Optional) Specify Decryption Exception for any FQDNs where decryption is not desired or possible. Possible reasons for considering decryption exception include:

  • Desire to not inspect encrypted traffic (for example, financial services, defense, health care, etc.).

  • SSO authentication traffic where decryption is not possible.

  • NTLM traffic that cannot be proxied.

Step 12

Click Save when completed.


What to do next

Attach the profile to a policy rule set. See Rule Sets and Rule Set Groups for more information.