- Access exclusive content
- Connect with peers
- Share your expertise
- Find support resources
03-07-2022 04:26 PM
Per the steps in the guide, I cloned the default profile and set about to configure
the DNS Signatures tab of the new profile. I believe that I want to sinkhole
both the classic signature (with 100k rules in the firewall) and the
newer DNS Security signature which will query PANs cloud database.
But then to effect these actions I need to add a security policy where Actions/Profiles
references my new Anti-Spyware profile which I named "DNS Security Profile".
For this specific rule, should the Action be Allow? Deny? Drop? Other?
03-08-2022 10:57 AM
You've already configured it. In the DNS Security Profile, you set the action to "sinkhole." So when your traffic with that security policy applied, reaches out to a known bad source, the request will get dropped. Even though it may be an allow traffic rule, DNS Security will always run. Trust, but verify.
See more here.
03-08-2022 10:57 AM
You've already configured it. In the DNS Security Profile, you set the action to "sinkhole." So when your traffic with that security policy applied, reaches out to a known bad source, the request will get dropped. Even though it may be an allow traffic rule, DNS Security will always run. Trust, but verify.
See more here.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!