Hello Russell124, sorry for not responding to this comment in a while - as you can imagine, the problem went away.
Blocking by dns name would be a simple approach, but no the firewall does not allow dns names in the rules. Additionally, we would never (unless for some reason the risk was worth it) deploy a firewall that permitted dns names in the rules.
The reason for this is that if a firewall rule uses a DNS based named rule then the firewall is not deciding the IP addresses in use, but the DNS server. So if someone wanted to manipulate the firewall rules, this could be done by poisoning the DNS server. You wouldn't even need to attempt an attack on the firewall itself. This is a pretty firm "no".