- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Question about wildcard objects
Hello team,
I have an argument to share and would also like your opinion.
If I create a wildcard FQDN object *.pluto.com qwhen the client does dns traffic I also get sub domains resolved for example foo.pluto.com duck.pluto.com etc.
Now if by chance a subdomain is malevo this is resolved anyway and the fqdn wildcard object is updated with the malevoo ip. What advice can you give me to fix this problem? Or maybe it is not necessary if you configure other security profiles ad hoc?
Thanks
BR
Solved! Go to Solution.
- Labels:
-
FortiGate
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi Luca
This can't be handled at object level, but at web filter or so.
So you can still use the same object but just add a web filter profile if it is for web access.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi Luca
In your case the wildcard object will contain the 3 FQDN with their IP address. Can you explain what is exactly the problem?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello @AEK ,
I meant if a malicious fqdn ip is resolved because for example if foo.pluto.com is a malicious subdomain this is resolved and the FQDN wildcard object is updated with the malicious ip address
BR
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi Luca
This can't be handled at object level, but at web filter or so.
So you can still use the same object but just add a web filter profile if it is for web access.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Nothing can be done from FQDN resolution perspective. Instead you can Web Filter profile to block traffic going to malicious domains.
Also on YouTube---
Please do Subscribe
