Understanding DNS Filtering
DNS Filtering allows you to control and manage internet access across your network by blocking or allowing websites based on categories.
DNS filtering allows you to block users in your network from navigating to webpage URLs with their internet browser.
Its ability to filter out bad websites and allow access to approved ones is accomplished with blacklisting and whitelisting tools
How to Set Up DNS Filtering
- Open Networks from the Management Platform and navigate to the network on which you'd like to configure DNS filtering. Select the three-dotted icon on the right side, then select DNS Filtering.
2. Fill in the following information:
- Turn on the Enable DNS Filter toggle button.
- Blocked Domain Categories: Block access to websites by content category (select none, one or more).
- Blocked Domains/Exclusion list: Manually enter one or more specific URL(s) you'd like to make sure stay unblocked/blocked, or upload a .CSV file containing the addresses. Make sure that the .CSV file contains only one column, and that every cell contains one URL (as shown in the attached example). The file must contain no more than 1000 addresses. Each address must follow the form domain.com (that is, without www/HTTP/HTTPs prefixes).
Please note that when you block a domain, this will also block any related sub-domains.
3. Select Apply.
4. A successful message appears. Once it has been closed the new settings will be applied the next time a user connects to the network.
Recommendations
- Ensure you have a clear understanding of what needs to be blocked or allowed according to your organization's policy.
- Test the DNS filtering settings to confirm they are working as expected.
Troubleshooting
If you encounter issues during or after the setup, try reviewing your settings to ensure everything matches the instructions. In particular, check the IP addresses and other details you entered during setup. If issues persist, please consult our dedicated support.
Support Contacts
If you have any difficulties or questions, don't hesitate to contact Harmony SASE's support team. We offer 24/7 chat support on our website at Perimeter81.com, or you can email us at sase-support@checkpoint.com. We're here to assist you and ensure your VPN tunnel setup is a success