Wildcard Support for Cloud DNS Filtering
From today, Rawstream Network Security adds the capability to allow or block domains based on wildcards. Wildcard support is being rolled out across all our DNS IPs right now and will be complete across the next few hours. The entries will match on the full domain queried, including subdomains.
As an example: a wildcard entry for sw*.apple.com will match all the domains (swcdn.apple.com, swdownload.apple.com, swquery.apple.com, swscan.apple.com) used by Apple products for software updates.
Wildcard support allows IT admins to set granular policies to allow or deny access to specific subdomains while still allowing access to other subdomains or the parent domain.
Subdomains can be listed in the the Allow and Block. A block list entry for subdomain.parentdomain.com will block the subdomain but allow access to the parent domain.
Using Wildcards
The wildcard character is the * (asterisk). The * character is supported anywhere in a block or allow list entry, including the beginning or end of an entry. The following are all valid list entries:
- *test.com
- *.test.com
- beacon*.test.com
- sub.test.*
Existing allow and block list entries without the wildcard character will continue to work unchanged.
For support contact us at hello@rawstream.com
