The Umbrella User Guide Developer Hub

Welcome to the Umbrella User Guide developer hub. You'll find comprehensive guides and documentation to help you start working with Umbrella User Guide as quickly as possible, as well as support if you get stuck. Let's jump right in!

Get Started    

Test the Intelligent Proxy

Once you've applied the DNS policy with the intelligent proxy enabled to an identity, test it.

Prerequisites

  • A DNS policy with the intelligent proxy enabled is applied to an identity.

Procedure

  1. Navigate to http://proxy.opendnstest.com/.
  2. Follow the instructions on the page to see how Umbrella can block an image within an otherwise good website, or block entire websites using the intelligent proxy.
    Expand Allowed URL & blocked page content to see how the Intelligent Proxy blocks malicious elements or files within otherwise good domains.

If you find that the test site indicates you're not using the intelligent proxy, check to make sure the identity you're using has intelligent proxy capabilities enabled in the policy that applies to it.

To determine if a domain is being resolved to the intelligent proxy, and then being proxied, perform a lookup of the domain from an identity using the proxy.

If the IP address of "domain.com" comes back with an IP address within the ranges 146.112.0.0/16 and 155.190.0.0/16, then it's being directed through the intelligent proxy. To avoid this from happening, specifically add this domain to an allow list or the global allow list for your organization.

Note: We also do not proxy traffic on non-standard ports for web traffic. This means that traffic to a proxied domain that is on a port other than 80 or 443 will be dropped when it reaches the proxy. If you wish to prevent this, add the domain to a global allow list.


Enable the Intelligent Proxy < Test the Intelligent Proxy > Test Selective Decryption

Updated 4 months ago

Test the Intelligent Proxy


Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.