Fully Qualified Domain Names (FQDN) based Split Tunneling

Fully Qualified Domain Names (FQDN) based split tunneling will allow the Ivanti Connect Secure administrator to configure the split tunneling based on FQDN. FQDN based resources can be defined as exclude policy and include policy for split tunneling. Based on the role merging rules as is done for IP/Netmask based resources, Ivanti Connect Secure will send lists of FQDN include policy and FQDN exclude policy to Ivanti Secure Access Client.

Ivanti Connect Secure will send list of FQDN based split tunneling rules with FQDN only to Ivanti Secure Access Clients 9.0R1 onwards. So, Ivanti Secure Access Client lesser than 9.0R1release, are not affected by new set of configuration rules.

Ivanti Secure Access Client will send all DNS requests to the Ivanti Connect Secure server and then decide based on FQDN Exclude Policy and FQDN Include Policy lists.

A FQDN name might resolve to multiple IP addresses and can also have other CNAME addresses that are expected to be treated on par with the original FQDN.

This feature is helpful while configuring rules to ignore or tunnel cloud services.