Demo Support Download Forums Blog Customer Login
 
Search:

 

 

Overview
Block-IT (AAC)
File Groups
File Group Assignment & Execution Schedule
Disabling Hash and Full Path Checking
Block-IT (HAC)
Host Access Rules
Host Name Resolution
Optimizing Host Access Rules
Licensing
View Demo Movie
Download Now

Optimizing Host Access Rules

Figure 10 shows an example of a more complex host access rule in which a URL has been resolved to multiple physical host IP addresses. However, unlike the previous example, it is sometimes possible to optimize the rule further by performing reverse name resolution on the individual physical IP addresses obtained from the DNS lookup. If a common name pattern is identified (figure 11), a more generalized rule can optionally be substituted for the original rule as shown in figure 12. This is very useful whenever the actual number of physical hosts serving up a particular URL exceeds the number reported by the single DNS lookup operation. The Block-IT technical documentation discusses this in more detail.


Figure 10 – It is sometimes possible to optimize a rule further by performing reverse name resolution on the individual physical IP addresses obtained from the DNS lookup.


Figure 11 – If a common name pattern is identified, a more generalized rule can optionally be substituted for the original rule.

Figure 12 – Examples of generalized rules (i.e., *.microsoft.com or www*.microsoft.com). The first generalized rule was suggested by Block-IT, while the second one was the result of simple common sense.

Next: Block-IT - Licensing

Legal Notice | Privacy Statement | Contact Us | Site Map ©2006 Provision Networks, Inc. All rights reserved.