Hi all,
We are trying to block TLD’s (Top level domains) within the FTD’s / FMC. For example, we wish to block TLD’s that can pose threats such as RU, plus a few others. Currently, we have a rule built in the “Security Intelligence” to attempt a block these TLD’s, but it doesn’t work. We adjusted the Object group (txt file) to try male it block “RU”. Regardless of which way it was added e.g .RU or *RU or just RU, all failed and allowed the traffic to pass.
Is it possible for the FTD’s do even do this? Should such a rule be added to Access Control Policy, and not use the Security Intelligence?
Thanks
