Trusted Domains
You can add, edit, or delete domain suffixes used by Security Controls to validate an agent's domain suffix. This feature ensures that only agents from the specified domains are permitted to communicate with the Security Controls Console.
This feature helps identify and block access from domains that are not permitted.
To add or modify Trusted Domains:
- Select Tools > Trusted Domain.
- Add a list of allowed domains, edit a domain in the list, or delete from the list any domains that are no longer allowed or trusted.
You can use the wildcard character (*) to specify multiple domain levels. Each * represents one subdomain level. For example, *.example.com allows one subdomain level and *.*.example.net allows two subdomain levels.
A dialog similar to the following displays.
Domains do not match if they contain more subdomain levels than the number of wildcards specified. Domain values have no character limit.
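The wildcard rule above, modeled as an added example (not Security Controls code) for checking a planned trusted list against the agent domain suffixes you expect before entering it in the dialog. It assumes each * matches exactly one label, so a suffix with fewer levels than the entry is also treated as a non-match, which this page does not state. The function names and sample values are constructed.

```python
# Added example: models the wildcard rule described above. Not vendor code.

def _labels(name):
    """Normalize a DNS name into lowercase labels; reject empty labels."""
    labels = name.strip().rstrip(".").lower().split(".")
    if not all(labels):
        raise ValueError(f"malformed domain: {name!r}")
    return labels


def suffix_matches(agent_suffix, trusted_entry):
    """True if agent_suffix matches one trusted entry, label by label.

    Assumption: each '*' stands for exactly one label, so a suffix with
    fewer or more levels than the entry does not match.
    """
    try:
        suffix, entry = _labels(agent_suffix), _labels(trusted_entry)
    except ValueError:
        return False
    if len(suffix) != len(entry):
        return False
    # Compare whole labels, never raw string endings.
    return all(e == "*" or e == s for s, e in zip(suffix, entry))


def review(agent_suffixes, trusted_entries):
    """Split agent suffixes into (trusted, rejected) lists."""
    trusted, rejected = [], []
    for suffix in agent_suffixes:
        ok = any(suffix_matches(suffix, e) for e in trusted_entries)
        (trusted if ok else rejected).append(suffix)
    return trusted, rejected


# Constructed sample data (not from any real deployment).
TRUSTED = ["*.example.com", "*.*.example.net"]
AGENTS = [
    "corp.example.com",        # one level under example.com
    "lab.corp.example.com",    # two levels: more than the single wildcard
    "eu.corp.example.net",     # two levels under example.net
    "corp.badexample.com",     # similar text, different parent domain
    "CORP.Example.COM.",       # case and trailing dot are normalized
]

if __name__ == "__main__":
    ok, bad = review(AGENTS, TRUSTED)
    print("trusted :", ok)
    print("rejected:", bad)
```

Comparing label by label is what keeps corp.badexample.com from passing a check written as a plain string-ending test against example.com.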
Only domain suffixes listed in the Trusted Domains dialog are considered trusted. Agent registration and certificate requests from devices with untrusted domains will be rejected. These rejected registrations are logged in the Event History view under Agent Registration with a Failure status.
If a domain suffix is deleted, existing agents associated with that domain suffix continue to function and renew their certificates, even after expiration. If an agent is using a domain suffix at the time of deletion, a confirmation prompt appears.