Have rules for cylance.com being allowed on the application layer (All traffic regardless of zones.) However, the DMZ network is not seeing all their AWS instances as "cylance.com"
Okay fine I'll create a network rule (Seeing its traffic get blocked by last catch-all block/drop) for the DMZ to wildcard *.cylance.com <--- But you can't do that so I did .*\.cylance.com (FQDN domain object.)
Still nada. The odd thing is DMZ stuff isn't resolving their AWS addresses as standard traffic does.
Does anyone know where I've gone wrong?
Thanks in advance.