I need to create custom signature for the dns traffic.
what is want is if dns query is about nxdomain then PA should drop it.
Is this possible to config in PA?
Is your ask is to block DNS query traffic of specific hostname (nslookup hostname)? If yes, then it is possible to do it with PA. Let me know if my understanding is correct.
I have name server and I see so many queries to the domain names that do not exist.
So i need to know if i can create custom signature for nxdomains
Ah I see. PA do have capability of blocking DNS queries for given name. But I don't think PA have capability of blocking nxdomain as PA will not have any prior knowledge of existent or non-existent status.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!
The Live Community thanks you for your participation!