Does anyone know a way to block any access to a site by FQDN instead of its ip address on the ISA500 series devices? I know you can block website access with Web URL filtering using FQDNs, but what it you want to block non-HTTP traffic to a site that has either multiple IPs or dynamic IPs? I typically use Address Management to setup sites that I want to limit or block, but you have to define specific IPs or ranges and that doesn't always work especially if host IPs are dynamic. Also, host static IPs can change over time so even if you define them in Address Management you have to periodically audit them to make sure they are still correct.
This is not only an issue with blocking sites, but also in trying to define QoS policies as those use addresses defined in Address Management which again use specific IPs or ranges. I am just trying to find a more reliable, long term, method of doing these types of management activities on the ISA500 devices.
Thanks for any advice.