1 Reply Latest reply: Oct 17, 2014 7:15 AM by vvarak RSS

    DNS Protect

    Evandro Rodrigues

      Hello All!

       

      Is there a way to verify the real effectiveness of the "DNS Protect" function for IPS Sensors?

      I mean, when we configure it like "set dnsprotect <inbound><inbound‑outbound><ip‑based><off><outbound>", is there some kind of dashboard, ips signature or any other way to see the results of this protection?

       

      Thanks,

      Evandro.

        • 1. Re: DNS Protect
          vvarak

          Hi Evandro,

           

          I know it's a year later, but for anyone else reading this.  No, there are no stats.

          But none are needed.  This feature mearly blocks DNS from using UDP and forces all traffic to use TCP.

          Using TCP prevent things like ampflication attacks.

          Of course this will add a bit of overhead and latency for devices trying UDP first, and then reverting to TCP.