DNS Filter in SonicOS 7.1

03/28/2024 10 People found this article helpful 106,589 Views

Description

DNS filtering is a critical component of network security, enabling administrators to control access to websites and mitigate security risks. SonicOS 7.1 offers robust DNS filtering capabilities, including integration with Neustar, a leading provider of DNS security services.

Neustar is a trusted industry leader in providing authoritative DNS services, DNS-based security solutions, and threat intelligence.Neustar's solutions are designed to protect against DNS-based attacks, ensure optimal performance and reliability, and enable organizations to maintain control over their DNS infrastructure.

Integration with Neustar's DNS security services enhances SonicWall's DNS filtering capabilities in several ways:

Real-time Threat Intelligence: Neustar continuously monitors global DNS traffic to identify emerging threats and malicious domains in real-time. By integrating Neustar's threat intelligence feeds, SonicWall can proactively block access to known malicious domains, preventing users from inadvertently accessing harmful content.
Advanced Filtering: Neustar's DNS security services offer advanced filtering capabilities, allowing administrators to enforce granular policies based on domain reputation, content categories, and threat intelligence. SonicWall can leverage these filtering capabilities to enforce policies that align with organizational security requirements and compliance mandates.
Scalability and Performance: Neustar's robust infrastructure ensures high availability, scalability, and optimal performance for DNS resolution. By leveraging Neustar's global network of DNS servers, SonicWall can deliver fast and reliable DNS resolution services to users across distributed networks, regardless of geographical location.
Comprehensive Protection: Neustar's DNS security services provide comprehensive protection against a wide range of DNS-based threats, including malware, phishing, ransomware, and data exfiltration attempts. By integrating Neustar's threat intelligence into SonicWall's DNS filtering solution, organizations can effectively mitigate the risks associated with DNS-related attacks and safeguard their network infrastructure and sensitive data.

Configuration Changes Reference:

BEFORE 7.X	AFTER 7.X
Global Enable DNS Proxy	No longer needed
Enable DNS Proxy per interface	In each DNS Policy, configure the source interface
DNS Proxy Mode	Configured in each DNS Policy
Enforce DNS Proxy For All DNS Requests	As origin
Enable DNS Proxy Cache	As origin

Resolution

Configuration Prerequisites for DNS Filtering:

License Check: Before using DNS Filtering, ensure that DNS Filtering is licensed under Gateway Services. Verify this on the license page.
DNS Policy Configuration:Add, edit, or delete DNS policies manually in the Policy |Rules and Policies|DNS Rules section.
DNS Profile Setup: Add, edit, or delete DNS Profiles in the Object | Profile Objects | DNS Filtering section.
Configure the DHCP DNS Server Lease Scopes interface to use the firewall's interface IP in the Dynamic Range Configuration.
Enforce DNS Proxy Setting:Enable "Enforce DNS Proxy For All DNS Requests" in the DNS Proxy settings located in Network | DNS | DNS Proxy.

TIP: For assistance with the configuration, please follow: Configuring DNS Filtering

Not Finding Your Answers?

ASK THE COMMUNITY

Was This Article Helpful?

YES NO

DNS Filter in SonicOS 7.1

Description

Resolution

Related Articles

Categories

Not Finding Your Answers?

Was This Article Helpful?

Article Helpful Form

Article Not Helpful Form

Follow Us

Subscribe to newsletter

Stay In Touch