ZyXEL ZyWALL ATP700 User Guide - Page 778
Adding a DNS Service Control Rule
View all ZyXEL ZyWALL ATP700 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 778 highlights
Chapter 37 System The following table describes the labels in this screen. Table 328 Configuration > System > DNS > Security Option Control Edit (Customize) LABEL DESCRIPTION Name You may change the name for the customized security option control policy. The customized security option control policy is checked first and if an address object match is not found, the Default control policy is checked. Query Recursion Choose if the ZyWALL/USG is allowed or denied to forward DNS client requests to DNS servers for resolution. This can apply to specific open DNS servers using the address objects in a customized rule. Additional Info from Cache Choose if the ZyWALL/USG is allowed or denied to cache Resource Records (RR) obtained from previous DNS queries. Address List Specifying address objects is not available in the default policy as all addresses are included. Available This box displays address objects created in Object > Address. Select one (or more), and click the > arrow to have it (them) join the Member list of address objects that will apply to this rule. For example, you could specify an open DNS server suspect of sending compromised resource records by adding an address object for that server to the member list. Member This box displays address objects that will apply to this rule. OK Click OK to save your customized settings and exit this screen. Cancel Click Cancel to exit this screen without saving. 37.6.14 Adding a DNS Service Control Rule Click the Add icon in the Service Control table to add a service control rule. Figure 522 Configuration > System > DNS > Service Control Rule Add The following table describes the labels in this screen. Table 329 Configuration > System > DNS > Service Control Rule Add LABEL DESCRIPTION Create new Object Address Object Use this to configure any new settings objects that you need to use in this screen. Select ALL to allow or deny any computer to send DNS queries to the Zyxel Device. Zone Select a predefined address object to just allow or deny the computer with the IP address that you specified to send DNS queries to the Zyxel Device. Select ALL to allow or prevent DNS queries through any zones. Select a predefined zone on which a DNS query to the Zyxel Device is allowed or denied. ZyWALL ATP Series User's Guide 778