Create Standalone FQDN Match Object

Procedure

Step 1

Navigate to Policies > Security Policies > FQDN.

Step 2

Click Create.

Step 3

Provide a Profile Name and Description.

Step 4

Specify the Type as Standalone.

Step 5

Click Add to create a new row.

Step 6

Specify individual FQDNs (e.g., www.twitter.com,.*.google.com)

  1. Each FQDN is specified as a PCRE (Perl Compatible Regular Expression).

  2. Consider escaping the . character else it will be treated as a single character wildcard.

Step 7

(Optional) Specify Decryption Exception for any FQDNs where decryption is not desired or possible. Possible reasons for considering Decryption Exception include:

Step 8

Desire to not inspect encrypted traffic (financial services, defense, health care, etc.).

Step 9

SSO authentication traffic where decryption is not possible.

Step 10

NTLM traffic that cannot be proxied.

Step 11

Click Save when completed.