cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Nick5
Employee
Employee
Report Inappropriate Content
Message 1 of 4
‎03-25-2021 06:31 AM

FQDN Wildcard Support for Firewall

Jump to solution

The Microsoft vendor is providing cloud services to the masses. Microsoft is providing documentation for the needed open ports and destination addresses for the different online services they offer. But we, as an end users of McAfee Firewall, are unable to configure the McAfee Firewall due to the 102 wildcards “ * “ listed in the Microsoft article for FQDNs: “ https://docs.microsoft.com/en-us/microsoft-365/enterprise/urls-and-ip-address-ranges?view=o365-world... “ because the McAfee Firewall does not support wildcard FQDN “ * “.  

Without a way to Wildcard the FQDNs we are required to input each and every IP range contained in the article for the different SAAS products we have signed up for. This is increasing or bloating the Firewall policies way more than it needs to be for both the IPv4 and IPv6 addresses. In some areas of the article there are no IPs and just a wild carded FQDN. Putting in the IPs is also prone to failure when those IPs are change or expanded.

I wish McAfee Firewall had an option to choose within the policy an “Address type” of “Office 365 Outlook” or “Office 365 Teams” where all of the different cloud services connections were configured for access, instead of the selections of “Single IP address” or “Fully qualified domain name” or other item where we are limited. But I think to update this item would too difficult to keep up with.  

Having the FQDN wildcard would help in creating the rules for SAAS products and limit the traffic, especially when the vendor only document wild carded access. This is not a full proof way to prevent users from connection to other organizations resources for data exfiltration.

As more and more SAAS move to the cloud, the flexibility of endpoint products will need to become even more flexible when dealing with the different products.

Additional Related PERs: 

1. https://community.mcafee.com/t5/Enterprise-Customer-Product/Firewall-Rule-does-not-allow-to-whitelis...

2. https://community.mcafee.com/t5/Endpoint-Security-ENS/Office-365-and-DNS-IP-restriction-Dynamic-DNS-...

3.  https://community.mcafee.com/t5/Enterprise-Customer-Product/Wildcard-use-in-Firewall-rule/idi-p/6666...  

 

3 people had this problem.
Reply
1 Solution

Accepted Solutions
AdithyanT
Employee
Employee
Report Inappropriate Content
Message 2 of 4
‎03-25-2021 05:29 PM

Re: FQDN Wildcard Support for Firewall

Jump to solution

Hi @Nick5,

Excellent post! Great points there. Please do not forget to "like" the ideas you have listed and we shall have this highlighted internally to understand what would be the path we take to achieve this as a part of our ENSFW!

Please DM me if you wish to progress on the same!

Was my reply helpful?
If you find this post useful, Please give it a Kudos! Also, Please don't forget to select "Accept as a solution" if this reply resolves your query!

Thanks and regards,
Adithyan T

View solution in original post

Reply
3 Replies
AdithyanT
Employee
Employee
Report Inappropriate Content
Message 2 of 4
‎03-25-2021 05:29 PM

Re: FQDN Wildcard Support for Firewall

Jump to solution

Hi @Nick5,

Excellent post! Great points there. Please do not forget to "like" the ideas you have listed and we shall have this highlighted internally to understand what would be the path we take to achieve this as a part of our ENSFW!

Please DM me if you wish to progress on the same!

Was my reply helpful?
If you find this post useful, Please give it a Kudos! Also, Please don't forget to select "Accept as a solution" if this reply resolves your query!

Thanks and regards,
Adithyan T
Reply
denn
Reliable Contributor
Reliable Contributor
Report Inappropriate Content
Message 3 of 4
‎02-17-2022 11:56 PM

Re: FQDN Wildcard Support for Firewall

Jump to solution

Any updates from McAfee side about wildcards in FW rules ?

Reply
yeeahnick
Level 7
Report Inappropriate Content
Message 4 of 4
‎03-24-2022 11:27 AM

Re: FQDN Wildcard Support for Firewall

Jump to solution
I am also facing the same challenges with O365 and the lack of Wildcard support in ENS Firewall. The list of FQDN and subnets is getting huge in my firewall policy. It is a management nightmare not to mention the workload it creates. Being able to allow for example *.microsoft.com would help us so much.
0 Kudos
Reply
You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use our Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from product experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by employees.
Join the Community
Join the Community

TrellixSkyhigh Security | Support Trellix.com SkyhighSecurity.com

Legal Privacy Copyright © 2023 Musarubra US LLC