METHOD AND SYSTEM FOR ALLOWING THE USE OF DOMAIN NAMES IN ENFORCING NETWORK POLICY
摘要
A method and a system for creating Internet Protocol address based network policy by using domain name based network policies is disclosed. The domain name based network policies are stored. When a network device receives an record Domain Name System look-up reply, the network device identifies one or more Internet Protocol addresses of one or more host names specified in the address record Domain Name System look-up reply, then determine whether the one or more host names contain a domain name used in one or more domain name based network policies and create one or more Internet Protocol address based network policies.