Create Standalone FQDN Match Object

Procedure


Step 1

In the Security Cloud Control platform menu, choose Products > Multicloud Defense.

Step 2

Navigate to Policies > Security Policies > FQDN.

Step 3

Click Create.

Step 4

Provide a Profile Name and Description.

Step 5

Specify the Type as Standalone.

Step 6

Click Add to create a new row.

Step 7

Specify individual FQDNs (e.g., www.twitter.com, .*.google.com).

  1. Each FQDN is specified as a PCRE (Perl Compatible Regular Expression).

  2. Consider escaping the . character; otherwise it is treated as a single-character wildcard.

Step 8

(Optional) Specify Decryption Exception for any FQDNs where decryption is not desired or possible. Possible reasons for considering Decryption Exception include:

  • The desire to not inspect encrypted traffic (financial services, defense, healthcare, etc.).

  • SSO authentication traffic where decryption is not possible.

  • NTLM traffic that cannot be proxied.

Step 9

Click Save.
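
The effect of the unescaped . described in Step 7, as an added example that is not part of the product documentation: it flags the wildcard dots in the two sample patterns, escapes them, and lists which constructed hostnames the original pattern admits but the escaped one rejects. Assumptions: Python's `re` stands in for PCRE (the two behave the same for these constructs), a pattern must match the whole hostname, and the helper names and test hostnames are hypothetical.

```python
import re

def unescaped_dots(pattern):
    """Indexes of '.' acting as a one-character wildcard: not backslash-escaped,
    not inside [...], and not followed by a quantifier (so '.*' is left alone)."""
    hits, i, in_class = [], 0, False
    while i < len(pattern):
        c = pattern[i]
        if c == "\\":
            i += 2              # skip the escaped character
            continue
        if c == "[":
            in_class = True
        elif c == "]":
            in_class = False
        elif c == "." and not in_class:
            nxt = pattern[i + 1] if i + 1 < len(pattern) else ""
            if nxt not in "*+?{":
                hits.append(i)
        i += 1
    return hits

def escape_literal_dots(pattern):
    """Return the pattern with each flagged dot rewritten as a literal dot."""
    hits = set(unescaped_dots(pattern))
    return "".join("\\" + c if i in hits else c for i, c in enumerate(pattern))

def matches(pattern, host):
    # Assumption: the whole hostname must match, case-insensitively.
    return re.fullmatch(pattern, host, re.IGNORECASE) is not None

def overmatched(pattern, hosts):
    """Hosts the pattern accepts as written but rejects once dots are escaped."""
    strict = escape_literal_dots(pattern)
    return [h for h in hosts if matches(pattern, h) and not matches(strict, h)]

# Patterns from Step 7; hostnames below are constructed for illustration.
PATTERNS = ["www.twitter.com", ".*.google.com"]
HOSTS = ["www.twitter.com", "wwwxtwitter.com",
         "mail.google.com", "notgoogle.com", "mail.googlexcom"]

if __name__ == "__main__":
    for p in PATTERNS:
        print(f"{p!r}: wildcard dots at {unescaped_dots(p)}, "
              f"escaped form {escape_literal_dots(p)!r}, "
              f"unintended matches {overmatched(p, HOSTS)}")
```

The escaped form of the second pattern requires a literal dot before google, so it covers subdomains only and no longer matches the bare google.com.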