FQDN used in Advanced Firewall rule

(Andreas Kopplinger) #1

FQDNs can be used in “Destination IPs” tab for the Advanced Firewall module. Does someone has experience with that?
Are there further requirements for that like sending DNS traffic to Zscaler?
How is this the resolution done here in general? Is this mapped to users or locations?
I think DNS resolution “done from clients” might be different from DNS resolution “done from other clients” or “done from Zscaler DC” due to different resolvers or countries / region.
Will “DNS over TLS” / “DNS over SSL” affect this feature somehow?

Thanks for your help in advance!
Best regards