Block Dynamic Domain from Security Rulebase

Reply
Highlighted
L3 Networker

Block Dynamic Domain from Security Rulebase

Already the specified Malicious URL getting a block from URL Filtering and detected in Threat Prevention with action.

it’s a dynamic FQDN/IP that has to block from the security rule base too, but the does not want to add each IP to block as he received every time.

looking for a solution where the dynamic IP can be blocked from the firewall itself so that adding the dynamic IPs or FQDN can be avoided.

 

apart from EDL there any other option to block the dynamic IP and URL can be block.

 

As the URL receives example..  www.abc.com / www.abc.2.com / www.2.abc.com / www.jhs.abc.com / www.mem1.abc.com with

dynamic IPs, only common is abc.com rest of are keep on change.

Highlighted
Cyber Elite

Re: Block Dynamic Domain from Security Rulebase

@Mohammed_Yasin,

Depending on what the domain is, a custom vulnerability signature could work. 

Highlighted
L3 Networker

Re: Block Dynamic Domain from Security Rulebase

Thanks for the update.

 

It's a public domain website. and already firewall see has a vulnerability for this site.

Highlighted
Cyber Elite

Re: Block Dynamic Domain from Security Rulebase

Hello,

If the URL filter is flagging it and blocking it, why would you want to block the IP as well? Most sites are hosted by a provider and can we attached to many different sites. Just follow the best practice for URL filtering and DNS sinkhole and let the firewall send telemetry back to PAN so they can update their data bases.

 

Hope that makes sense.

Highlighted
L1 Bithead

Re: Block Dynamic Domain from Security Rulebase

DNS Security feature can detect similar domain

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!