Using Domain Name elements in Firewall Access rules

If you have specified one or more DNS servers in the engine’s properties, the engine periodically queries the DNS server to automatically resolve domain names to IP addresses. This makes it possible to create rules that are valid even if new addresses are added to the domain or the domain’s IP addresses change. If the DNS server returns multiple IP addresses for the same domain name, the engine associates all the IP addresses with the domain name. However, if there are a large number IP addresses associated with the same domain name, the DNS server might only reply with a few of the IP addresses at a time. In this case, the engine might need to make more queries to the DNS server to resolve all the IP addresses for the domain name. By default, the engine queries the DNS server every six minutes. Resolved IP addresses are kept in the engine’s DNS cache for a maximum of one hour by default.