DNS Filtering
  • 29 Apr 2024
  • 1 Minute to read
  • Contributors

    DNS Filtering

      Article summary

      Understanding DNS Filtering

      DNS Filtering allows you to control and manage internet access across your network by blocking or allowing websites based on categories.

      DNS filtering allows you to block users in your network from navigating to webpage URLs with their internet browser.

      Its ability to filter out bad websites and allow access to approved ones is accomplished with blacklisting and whitelisting tools

      How to Set Up DNS Filtering

      1. Open Networks from the Management Platform and navigate to the network on which you'd like to configure DNS filtering. Select the three-dotted icon on the right side, then select DNS Filtering.

      2. Fill in the following information:


      • Enable DNS Filtering.
      • URL Blacklist Categories: Block access to websites by content category (select none, one or more).
      • Whitelisted/Blacklisted URLs: Manually enter one or more specific URL(s) you'd like to make sure stay unblocked/blocked, or upload a .CSV file containing the addresses. Make sure that the .CSV file contains only one column, and that every cell contains one URL (as shown in the attached example). The file must contain no more than 1000 addresses. Each address must follow the form domain.com (that is, without www/HTTP/HTTPs prefixes).



      Please note that when you block a domain, this will also block any related sub-domains.

      3. Select Apply.

      4. A successful message appears. Once it has been closed the new settings will be applied the next time a user connects to the network.


      1. Ensure you have a clear understanding of what needs to be blocked or allowed according to your organization's policy.
      2. Test the DNS filtering settings to confirm they are working as expected.


      If you encounter issues during or after the setup, try reviewing your settings to ensure everything matches the instructions. In particular, check the IP addresses and other details you entered during setup. If issues persist, please consult our dedicated support.

      Support Contacts

      If you have any difficulties or questions, don't hesitate to contact Harmony SASE's support team. We offer 24/7 chat support on our website at Perimeter81.com, or you can email us at sase-support@checkpoint.com. We're here to assist you and ensure your VPN tunnel setup is a success

      Was this article helpful?