Usage Enforcement only on external traffic?
When using DNSWatch with active enforcement mode, is only external traffic (to the Internet) monitored, or is traffic between internal interfaces (Trusted, Optional) on TCP/53 also monitored and redirected to the DNSWatch servers?
Best Answer
From the docs:
"DNSWatch evaluates your DNS traffic and denies any requests to known malicious or filtered domains."
and
"DNSWatch monitors DNS requests regardless of the connection type, protocol, or port"
Which suggests that it looks at all DNS queries that go through the firewall for DNSWatch protected networks.

Answers
Hi @Olix
You can set this up on the Firebox via conditional DNS forwarding.
See example 4 in the documentation here for the scenario you're describing:
(DNSWatch Firebox Configuration Examples)
https://www.watchguard.com/help/docs/help-center/en-us/Content/en-US/Fireware/services/dnswatch/dnswatch_config_examples_c.html
-James Carson
WatchGuard Customer Support
Thank you very much. I asked because the information in the WatchGuard Help Center is a little confusing. The article “About DNSWatch Usage Enforcement Options” says:
Enforcement Enabled - the Firebox redirects all outbound DNS requests from that interface to DNSWatch DNS servers.