SonicOS 7.1 DNS Security
Table of Contents
About DNS Filtering
Before SonicOS 7.x, SonicOS doesn’t have the domain categorization service
SonicOS 7.1 onwards, SonicOS has central DNS management by leveraging DNS proxy, and DNS security features like DNS Filtering, DNS Sinkhole service ,and DNS Tunnel Detection.
The following are the configuration change reference.
| Before 7.x | After 7.x |
|---|---|
| Global Enable DNS Proxy | No longer needed |
| Enable DNS Proxy per interface | In each DNS Policy, configure the source interface |
| DNS Proxy Mode | Configured in each DNS Policy |
| Enforce DNS Proxy For All DNS Requests | As origin |
| Enable DNS Proxy Cache | As origin |
Neustar is a public DNS Server which has intelligence of domain name categorization. By integrating Neustar DNS service with SonicWall firewall, we obtain domain categorization service along with DNS for SonicWall customers.SonicWall support profiles to take different actions on different categories, then the DNS Packet will process according to the action. Neustar support 19 pre-defined categories and SonicWall support 4 actions.
