This list is only useful for a proxy... There's a bunch of HTTPS entries on that list - by the time the firewall sees these, they're an SSL encrypted TCP connection to an IP address.
Why can't MS just use a small number of I addresses for the HTTPS portion of Windows Update? At the moment, there seems to be hundreds. We've got 11 entries in our firewall at the moment, and most of those are /24 and /16 ranges (attempting to keep the list more manageable).
Why do we need this? We have a set of c
↧