Following on from the August release for country-code Top-level domain enforcement, we are excited to announce that with this release, Secure Access customers can configure any top-level domains (TLD) within Destination Lists and not just country-code domains. The previous restriction on destination list support to just country-codes no longer applies.

NOTE: Destination Lists will now support configuration of all top-level domains and not just country-code domains 

Key Benefits

• Reduced Attack Surface: Potential entry points for attacks can be proactively restricted by creating policies to block high-risk or suspicious TLDs
• Simplified Security Policies: Using policies with TLDs can cover large volumes of domains with fewer rules, making administration easier
• Enhanced Compliance Controls: TLD-based policies can help meet compliance mandates which require restricting access to domains associated with prohibited activities

Getting Started

To configure policies against TLDs in Secure access, follow these steps:

1. Login to the Secure Access dashboard and Navigate to Resources > Internet and SaaS Resources > Destination Lists
2. Select the +Add button to create a new destination list
3. Give the list a name and then in the next field, enter a top-level domain of your choice. Save the destination list when done
4. The destination list is available as a destination when you add an internet access rule and will be enforced by our DNS resolvers as well as the Secure Web Gateway (SWG). FWaaS enforcement is restricted to FQDNs.

Documentation and Resources

• Add a Destination List
• Manage a Destination List
• Control access to Domains