Learn how to create a FQDN list on Cloud NGFW for Azure.
Where Can I Use This? | What Do I Need? |
|
- Cloud NGFW subscription
- Palo Alto Networks Customer Support Portal account
- Azure Marketplace subscription
|
A security rule object is a single object or collective unit that groups discrete
identities such as IP addresses, fully-qualified domain names (FQDN), intelligent
feeds, or certificates. Typically, when creating a policy object, you group objects
that require similar permissions in policy. For example, if your organization uses a
set of server IP addresses for authenticating users, you can group the set of server
IP addresses as a prefix list object and reference that prefix list in one or more
security rule. Group object allows you to significantly reduce the administrative
overhead in creating rules.
An FQDN (for example, paloaltonetworks.com) object provides further ease of use
because DNS provides the FQDN resolution to the IP addresses instead of you needing
to know the IP addresses and manually updating them every time the FQDN resolves to
a new IP addresses.
To configure a FQDN list, familiarize yourself with how
rulestacks work.