Use of Custom Category URL Wildcard FQDN on ports other than 80/443 (i.e. other ports 8081, 8082, 8090, 25-smtp, 53-dns, among others).
Hello good afternoon, as I always mention, thank you very much for the collaboration and your time.
I have a doubt regarding the use of Wildcard FQDN. I understand that it is not possible to add a wildcard FQDN as an Address object; that can be done through a URL Custom category, using for example: *.test.com/*, *.testsite.net/*, etc.
Now my doubt: when placing this custom URL condition for the use of wildcards in a rule/policy, but the service/port uses other services that are not http/https, that is to say 8081, 8082, 8090, 5000, 5600, 57000, 7070, 9443, 25-smtp, 53-dns, is this compatible? Or is the URL Custom category with wildcards limited only to connections of the type http/https?
I remain attentive, thank you very much for the collaboration.
Best regards
The answer to your query is multilayered.
App-ID (and Content-ID) is port agnostic, so the port for this issue is not relevant.
What is important is that URL filtering can only trigger on something that contains a domain name in some sort of protocol header.
So many of the ports you mention may contain enough data (http get x.x.x or some other) and can be classified by URL filtering.
Other protocols will not have such a header (DNS, for example) and won't be classified.
A workaround, however, could be to create custom apps that do match on the FQDN wildcard you're looking for (you could even go so far as to classify DNS requests containing the FQDN in the request payload).
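Added example, not part of the original thread and not vendor code: a simplified Python model of the answer above, showing that a hostname can be taken from an HTTP request on any port, that SMTP and DNS payloads carry no such header, and that the FQDN is still present in a DNS query payload for a custom signature to match. The function names, the sample payloads and the suffix-style wildcard match are assumptions made for illustration; they do not reproduce the firewall's own matching logic.

```python
import re

# Simplified model (assumption): a URL filter can only act on a hostname that
# the protocol carries in a header, here the HTTP/1.x Host header.
HOST_RE = re.compile(
    rb"^(?:GET|POST|HEAD|PUT|DELETE|OPTIONS) \S+ HTTP/1\.[01]\r\n"
    rb"(?:[^\r\n]+\r\n)*?Host:[ \t]*([^\r\n:]+)", re.I)

def http_host(payload: bytes):
    """Return the Host header of an HTTP/1.x request, or None if absent."""
    m = HOST_RE.match(payload)
    return m.group(1).decode("ascii", "replace").strip().lower() if m else None

def matches_wildcard(host, pattern: str) -> bool:
    """Suffix match on the host part of a pattern such as '*.test.com/*'."""
    if host is None:
        return False
    host_part = pattern.split("/", 1)[0].lower()
    if host_part.startswith("*."):
        return host.endswith(host_part[1:])   # keeps the dot: '.test.com'
    return host == host_part

def classify(payload: bytes, pattern: str) -> str:
    """What a header-based URL filter could conclude from this payload."""
    host = http_host(payload)
    if host is None:
        return "no-hostname-header"
    return "url-category-match" if matches_wildcard(host, pattern) else "no-match"

def dns_qname(payload: bytes):
    """Decode the first question name of a DNS query (uncompressed labels)."""
    labels, i = [], 12                        # 12-byte DNS header comes first
    while i < len(payload) and payload[i] != 0:
        n = payload[i]
        if n > 63 or i + 1 + n > len(payload):
            return None
        labels.append(payload[i + 1:i + 1 + n].decode("ascii", "replace"))
        i += 1 + n
    return ".".join(labels).lower() if labels and i < len(payload) else None

# Constructed sample payloads; the port only appears in the variable names.
HTTP_8081 = b"GET /status HTTP/1.1\r\nHost: api.test.com:8081\r\n\r\n"
SMTP_25 = b"EHLO mail.test.com\r\n"
DNS_53 = (b"\x12\x34\x01\x00\x00\x01\x00\x00\x00\x00\x00\x00"
          b"\x03www\x04test\x03com\x00\x00\x01\x00\x01")

if __name__ == "__main__":
    for name, data in [("8081", HTTP_8081), ("25", SMTP_25), ("53", DNS_53)]:
        print(name, classify(data, "*.test.com/*"), dns_qname(data))
```

The DNS query is reported as having no hostname header, yet `dns_qname` recovers `www.test.com` from its payload, which is the data a custom application signature would have to match on.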