Why DNS-based Walled Garden (and not IP-based)
On the internet a Walled Garden is an environment that controls the user's access to any web content and services. An Internet Service Provider (ISP) may or may not allow users to select some of the Web sites contained or barred from the allowed garden. You may find other terms used such as: ACL, IP rules etc. The goal is the same: to be able to access certain servers BEFORE authentication.
If it comes to SOCIFI we need to have the access to our servers and if the social media network authorization is needed - also access to their servers.
In the past it was sufficient to enter the IP of the specific server - and that worked until the IP was changed. And this is it - in the new age of cloud-based services the IP address can change any time and thus the static IP address is not enough anymore. Therefore, there is a need of more flexible solution - which is the DNS. Even the wide range of IP will not always work because for example Facebook uses hundreds of IP's at the same time and the range is changing all the time. Please note that some vendors allow the limited amount of entries for the IP ranges (e.g. 64 only).
That's why SOCIFI (and all services using the cloud solution) need the DNS-based Walled Garden and not the IP-based Walled Garden.
DNS-Based Walled Garden is an essential for correct behavior of SOCIFI
Considerations:
- some vendors would allow to enter the DNS name, but this is then resolved to IP and then they are used in the same way as static IP
- some vendors can allow a wide range of IP (as a workaround) which can lead to a security breach
- the DNS-based Walled Garden also allows the use of subdomains, e.g.: *.google.com or accounts.google.com etc.