Couple questions. Is is possible to determine the IP range of a company/college/organization, and if so, how? I ask because apparently Kerio does not allow domain names as access masks. Is there a firewall that DOES allow name usage in rules like that? I use remote desktop a lot on a non-default port and would like to tighten Kerio's rule allowing this to specify not only the local port (say, 1234) but also the remote site's allowed address range. I've used controlled access systems that allowed matching by hostnames - so something like *.abc.edu - but am unaware as to whether any software FWs allow for this. Seeing as how I'm behind a router, I would imagine that should do the trick, but for the sake of learning, I'm also up for learning of any alternative ways a rule could be better crafted beyond "okay, let all traffic from/to 1234 pass." Thanks.