DNSMatcher retrieves the IP addresses of domain names. This can be used in domain name based policy decisions, for example to allow encrypted connections only to trusted e-banking sites. If the IP address of the name server is not specified in the DNS Server field, the name server set in the Networking component is used (see Section 5.3, Managing client-side name resolution for details).

Example 6.10. DNSMatcher for two domain names
Figure 6.62. Sample DNSMatcher policy Python: MatcherPolicy(name="ExampleDomainMatcher", matcher=DNSMatcher(server="dns.example.com",\ hosts=("example2.com", "example3.com")))