Block an FQDN Match Object

After you define an FQDN object, you can act on it in a rule set, for example by blocking it. Blocking an FQDN match object applies to egress traffic (Forwarding or Forward Proxy service objects). To block an FQDN match object, you need to match the object in a reference rule.

Note

Version 24.08 supports 6-tuple matching with FQDN. This means that if the first matching rule is configured to block an FQDN match, two events are logged instead of one: the first event, logged for the L4 Firewall, is "Allow", and the second event, logged for the FQDN object match, is "Deny".

Procedure


Step 1

In the Security Cloud Control platform menu, choose Products > Multicloud Defense.

Step 2

Navigate to Manage > Security Policies > Rule Sets.

Step 3

Perform the steps outlined in Add or Edit a Forward Proxy Rule in a Rule Set.

Step 4

In the Action dropdown list, select Deny Log. This action will automatically drop the connection and deny the request.

Step 5

Click Save after completion of the outlined steps.
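
Because version 24.08 logs an L4 Firewall "Allow" followed by an FQDN "Deny" for the same blocked connection, counting "Allow" events alone overstates permitted egress. The following is an added example, not product code: it collapses both events into one verdict per flow. The field names (`engine`, `action`, `fqdn` and the flow fields) and the sample records are constructed assumptions, not the product's log schema, and it assumes both events of a connection carry the same 5-tuple; map them to the fields in your own log export.

```python
from collections import defaultdict

# Hypothetical flow fields; both events of one connection are assumed to share them.
FLOW_KEY = ("src_ip", "src_port", "dst_ip", "dst_port", "proto")

def _ev(src_port, dst_ip, engine, action, fqdn=None):
    # Builds one constructed event; every field name here is an assumption.
    return {"src_ip": "10.0.1.5", "src_port": src_port, "dst_ip": dst_ip,
            "dst_port": 443, "proto": "tcp", "engine": engine,
            "action": action, "fqdn": fqdn}

# Constructed sample: one blocked flow (two events) and one permitted flow.
SAMPLE_EVENTS = [
    _ev(50122, "203.0.113.10", "L4_FW", "ALLOW"),
    _ev(50122, "203.0.113.10", "FQDN", "DENY", "blocked.example.com"),
    _ev(50123, "198.51.100.7", "L4_FW", "ALLOW"),
]

def effective_verdicts(events):
    """Collapse per-engine events into one verdict per flow; any DENY wins."""
    flows = defaultdict(list)
    for ev in events:
        flows[tuple(ev[k] for k in FLOW_KEY)].append(ev)
    verdicts = {}
    for key, evs in flows.items():
        deny = next((e for e in evs if e["action"] == "DENY"), None)
        verdicts[key] = {
            "verdict": "DENY" if deny else "ALLOW",
            "decided_by": deny["engine"] if deny else evs[-1]["engine"],
            "fqdn": next((e["fqdn"] for e in evs if e["fqdn"]), None),
            "events": len(evs),
        }
    return verdicts

def naive_allow_count(events):
    # What a dashboard shows if it simply counts "Allow" events.
    return sum(1 for e in events if e["action"] == "ALLOW")

def effective_allow_count(events):
    # Flows that were actually permitted after correlating both events.
    return sum(1 for v in effective_verdicts(events).values()
               if v["verdict"] == "ALLOW")

if __name__ == "__main__":
    for flow, v in effective_verdicts(SAMPLE_EVENTS).items():
        print(flow, v)
    print("naive allows:", naive_allow_count(SAMPLE_EVENTS),
          "effective allows:", effective_allow_count(SAMPLE_EVENTS))
```

A blocked FQDN that shows only an L4 Firewall "Allow" with no paired "Deny" indicates the block rule did not match that flow and is worth reviewing.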