DNS Policy Settings
Umbrella provides a rich set of security controls which you can configure within a policy. You must have the intelligent proxy enabled for Umbrella to check certain policy settings.
Umbrella DNS Policy Settings
- Block page
- Destination lists
- Content categories
- Intelligent proxy
- Applications
- Security categories
- File inspection
- DNS logging
Within a policy, Umbrella evaluates the following policy settings, starting with your policy's allowed destination lists.
- Destination lists, allowed destinations
- Allowed applications
- With the intelligent proxy enabled, match an application URL in the allowed destination lists
- Security categories and Integration block lists
- Destination lists, blocked destinations
- With the intelligent proxy enabled, match a blocked URL in the unknown domains list
- Command and Control
- With the intelligent proxy enabled, match any URL in the unknown domains list
- Blocked applications
- Blocked content categories
- With the intelligent proxy enabled, check newly seen domains with the antivirus (AV) engine and Cisco Advanced Malware Protection (AMP)
Add a Policy < DNS Policy Settings > Best Practices for Policy Creation
Updated 10 months ago