Cloud-based filtering enables secure DNS traffic without installing any software in the local environment. Public IP addresses are defined and assigned to security profiles. DNSCyte DNS servers are defined as forwarder DNS servers of your local DNS Servers.
Public IP deployments apply security profiles to client devices which are defined using a public IP to query DNS. Once DNS request is received from an assigned public IP address to DNSCyte Cloud DNS servers, the system automatically applies configured security policy to the DNS request. Enabling Public IP filtering consist of two steps:
The first stage of configuration is to apply a security profile to your Public IP. All DNS queries originated from the defined IP address(es) will be filtered by using a security profile. To set your Public IP go to deployment and select Public IP.
Figure 1. Public IP (Cloud Base Filtering)
Under Public IP, public IP definitions can be accessed and assigned to a security profile. Public IP definitions can be added or removed. To define a new Public IP, click "Add New IP" and new IP wizard appears right side of the screen.
Figure 2. New Public IP Definition
Public IP details can be defined from public IP definition screen. Public IP's can be static or bound to a dynamic domain. The following settings are configured:
Name: Logical name for thr Public IP.
IP Address: Your Public IP Address(es). You can define multiple IP by clicking "+" sign. IP ranges are also supported.
Security Profile: User can select appropriate Security Profile from the drop-down menu, which can be predefined or manually created. All DNS queries coming from defined IP Address will be evaluated by using security profile settings.
Block Page Logo: Block image can be set on the blocking page
Block Messages: Block messages can be customised in the block page by editing the field. System automatically updates blocking notification with this message
Sink Hole IP: By default, DNSCyte returns block page IP address to DNS queries which is blocked. You can set specific IP as a return result of blocked categories.
After you set all settings on Public IP definitions click Apply button to take effect your settings.
To process or filter DNS queries, DNSCyte should be the external DNS server. DNSCyte DNS servers use 184.108.40.206 and 220.127.116.11 IP addresses. Their DNS names are dns1.dnscyte.com and dns2.dnscyte.com. To forward DNS requests, DNS servers should be defined as forwarder DNS servers. Alternatively, DNSCyte DNS servers can be assigned in the end-points. Both sample settings are shown below.
Figure 3. Dns Settings on Client Machine
Figure 4. Dns Forwarder settings on Microsoft DNS Server
Once forwarder settings are made on the client or DNS Server, the system is ready to go.