FQDN Analysis

FQDN Analysis allows administrators to gain insight into the type of websites accessed within the organization, and understand the reputation and risk of the accessed websites.

Functionality	Distributed Firewall	Gateway Firewall
FQDN Analysis (formerly URL Analysis)	NO	YES (in 3.2) Supported only on tier-1 gateways. Uses DNS snooping to get domains being accessed Needs GFW L7 DNS rule for DNS snooping DNS server needs to be north of Tier-1 gateway
URL Filtering (new in 3.2)	NO	YES Uses L7 Access Profile (subset of URL filtering) Uses L7 DPI/URL database for enforcement HTTPS traffic: Need TLS Decryption to enforce filtering URL path
FQDN Filtering	YES Using context profiles Uses DNS snooping to get FQDN to IP mapping for enforcement. Need DFW L7 DNS rule for DNS snooping	YES (in 3.2) Uses L7 Access Profile (subset of URL filtering) Uses L7 DPI/URL database for enforcement

Functionality

Distributed Firewall

Gateway Firewall

FQDN Analysis (formerly URL Analysis)

YES (in 3.2)

Supported only on tier-1 gateways.

Uses DNS snooping to get domains being accessed
Needs GFW L7 DNS rule for DNS snooping
DNS server needs to be north of Tier-1 gateway

URL Filtering (new in 3.2)

YES

Uses L7 Access Profile (subset of URL filtering)
Uses L7 DPI/URL database for enforcement
HTTPS traffic: Need TLS Decryption to enforce filtering URL path

FQDN Filtering

YES

Using context profiles
Uses DNS snooping to get FQDN to IP mapping for enforcement.
Need DFW L7 DNS rule for DNS snooping

YES (in 3.2)

Uses L7 Access Profile (subset of URL filtering)
Uses L7 DPI/URL database for enforcement