Defining Domain Name elements

A Domain Name element represents all IP addresses that belong to a particular domain.

If you have entered the IP addresses of one or more DNS servers in the engine properties, the Firewall, IPS, and Layer 2 Firewall engines periodically query the DNS server to automatically resolve domain names to IP addresses. The use of DNS servers makes it possible to create rules that are valid even if new addresses are added to the domain or the domain’s IP addresses change.

If the DNS server returns multiple IP addresses for the same domain name, the engine associates all of them with the domain name. However, if many IP addresses are associated with the same domain name, the DNS server might reply with only a few of them at a time. In this case, the engine might need to make more queries to the DNS server to resolve all IP addresses for the domain name.

By default, the engine queries the DNS server every six minutes. Resolved IP addresses are kept in the engine’s DNS cache for a maximum of one hour by default.

Note: The DNS cache is not synchronized between nodes of a cluster. Each node separately queries the DNS server using the node's NDI address. It is possible that the DNS cache might be different on different nodes of a cluster.
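The polling, merging, and expiry behaviour described above, as an added simulation that is not the product's code: a constructed stand-in for a DNS server returns only part of the domain's address set per query, and a per-node cache accumulates addresses across the periodic queries and ages out any address not refreshed within the one-hour default. Domain, addresses, and class names are assumptions for illustration.

```python
QUERY_INTERVAL = 6 * 60   # seconds between DNS queries (the page's default)
CACHE_MAX_AGE = 60 * 60   # seconds an unrefreshed address stays cached (page default)

# Constructed TEST-NET-2 addresses standing in for a domain's real address set.
POOL = ["198.51.100.%d" % i for i in range(1, 6)]

def make_partial_resolver(all_ips, per_reply):
    """Constructed stand-in for a DNS server that returns only `per_reply`
    of the domain's addresses per query, rotating through the whole set."""
    state = {"n": 0}
    def resolve(domain):
        start = (state["n"] * per_reply) % len(all_ips)
        state["n"] += 1
        return [all_ips[(start + i) % len(all_ips)] for i in range(per_reply)]
    return resolve

class NodeDnsCache:
    """One engine node's Domain Name cache (not shared between cluster nodes)."""
    def __init__(self, resolver):
        self.resolver = resolver
        self.now = 0      # simulated clock, seconds
        self.seen = {}    # domain -> {ip: time the DNS server last returned it}
    def query(self, domain):
        entry = self.seen.setdefault(domain, {})
        for ip in self.resolver(domain):
            entry[ip] = self.now   # every returned address is associated
        for ip in [ip for ip, t in entry.items() if self.now - t > CACHE_MAX_AGE]:
            del entry[ip]          # addresses not refreshed in time age out
    def run(self, domain, seconds):
        """Advance the clock, querying the DNS server every QUERY_INTERVAL."""
        for _ in range(seconds // QUERY_INTERVAL):
            self.now += QUERY_INTERVAL
            self.query(domain)
    def addresses(self, domain):
        return sorted(self.seen.get(domain, {}))

def demo():
    node = NodeDnsCache(make_partial_resolver(POOL, 2))
    node.query("example.com")                    # first reply: only two addresses
    first = node.addresses("example.com")
    node.run("example.com", 2 * QUERY_INTERVAL)  # two more periodic queries fill the set
    full = node.addresses("example.com")
    # The domain drops 198.51.100.5: the server stops returning it and it
    # falls out of the cache once unseen for longer than CACHE_MAX_AGE.
    node.resolver = make_partial_resolver(POOL[:4], 2)
    node.run("example.com", CACHE_MAX_AGE + QUERY_INTERVAL)
    return first, full, node.addresses("example.com")
```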

Domain Name Properties dialog box

Use this dialog box to define the properties of a Domain Name.

Option     Definition
Name       Specifies the element name.
Category   (Optional) Allows you to flexibly filter your Management Client view.
Select     Opens the Category Selection dialog box.
Comment    (Optional) Specifies useful information to administrators.