Manage Destination Lists

A destination list is a collection of domains, URLs, IPv4 addresses, and CIDRs to which you want to apply the same internet access rules.

You can allow or block destination lists based on the policies that are applied to the identities in your organization.

Important: Large destination lists can impact Secure Access performance. We recommend that you set a limit of no more than 100 destinations per list.

Note: Internet access rules specify how traffic to internet destinations should be handled. The rules apply to traffic from managed devices to public internet sites and applications, including public cloud applications of which your company is a tenant.

You can add a destination list to Secure Access at any time. However, the destination list has no effect until you have added it to an internet access rule.

How to Format Your Destination List

Always enter domains in this format: domain.comNot: www.domain.com

Using the correct format ensures that*.domain.com is included in your destination list (a wildcard is implicit). However, if you only want to block subdomain.domain.com, you must be more specific when you define the entry.

Note: Destination lists accept domain names that are encoded in Punycode. For more information, see Add Punycode Domain Name to Destination List.


Delete an Internal Network Resource < Manage Destination Lists > Add a Destination List