DNS Blocking Questions

DNS Blocking Questions

Is DNS blocking string matching only or can it use regex?
Glob matching can be used. Specifically, fnmatch is used.

Can DNS filtering cover apps that tunnel their requests?
It is not possible to block DNS over HTTPS. That is an encrypted channel that we cannot break. Recommend as policy enforcing disablement of feature in browsers that support this via MDM (if possible).

    • Related Articles

    • Blocking & Remediation Support Matrix

      Area Functionality Linux MacOS Windows Agent Version Requirement Remediation Kill Process 4.6.5.x + Remediation Quarantine 4.6.5.x + Blocking Process 4.6.5.x + Blocking DNS 4.6.5.x +