Create Standalone FQDN Match Object

Procedure

Step 1

Navigate to Policies > Security Policies > FQDN.

Step 2

Click Create.

Step 3

Provide a Profile Name and Description.

Step 4

Specify the Type as Standalone.

Step 5

Click Add to create a new row.

Step 6

Specify individual FQDNs (e.g., www.twitter.com,.*.google.com).

  1. Each FQDN is specified as a PCRE (Perl Compatible Regular Expression).

  2. Consider escaping the . character, or else it will be treated as a single character wildcard.

Step 7

(Optional) Specify Decryption Exception for any FQDNs where decryption is not desired or possible. Possible reasons for considering Decryption Exception include:

  • The desire to not inspect encrypted traffic (financial services, defense, healthcare, etc.).

  • SSO authentication traffic where decryption is not possible.

  • NTLM traffic that cannot be proxied.

Step 8

Click Save.