Guides
ProductDeveloperPartnerPersonal
Guides

DNS Policy Settings

Umbrella provides a rich set of security controls which you can configure within a policy. You must have the intelligent proxy enabled for Umbrella to check certain policy settings.

Umbrella DNS Policy Settings

Within a policy, Umbrella evaluates the following policy settings, starting with your policy's allowed destination lists.

  1. Destination lists, allowed destinations
  2. Allowed applications
  3. With the intelligent proxy enabled, match an application URL in the allowed destination lists
  4. Security categories and Integration block lists
  5. Destination lists, blocked destinations
  6. With the intelligent proxy enabled, match a blocked URL in the unknown domains list
  7. Command and Control
  8. With the intelligent proxy enabled, match any URL in the unknown domains list
  9. Blocked applications
  10. Blocked content categories
  11. With the intelligent proxy enabled, check newly seen domains with the antivirus (AV) engine and Cisco Advanced Malware Protection (AMP)

Add a Policy < DNS Policy Settings > Best Practices for Policy Creation