FQDN Analysis allows administrators to gain insight into the type of websites accessed within the organization, and understand the reputation and risk of the accessed websites.
Functionality |
Distributed Firewall |
Gateway Firewall |
FQDN Analysis (formerly URL Analysis) |
NO |
YES (in 3.2)
- Supported only on tier-1 gateways.
- Uses DNS snooping to get domains being accessed
- Needs GFW L7 DNS rule for DNS snooping
- DNS server needs to be north of Tier-1 gateway
|
URL Filtering (new in 3.2) |
NO |
YES
- Uses L7 Access Profile (subset of URL filtering)
- Uses L7 DPI/URL database for enforcement
- HTTPS traffic: Need TLS Decryption to enforce filtering URL path
|
FQDN Filtering |
YES
- Using context profiles
- Uses DNS snooping to get FQDN to IP mapping for enforcement.
- Need DFW L7 DNS rule for DNS snooping
|
YES (in 3.2)
- Uses L7 Access Profile (subset of URL filtering)
- Uses L7 DPI/URL database for enforcement
|