Scribd
Upload
6 views7 pages

69 DNS Filter

The document provides a step-by-step guide on configuring DNS Filter profiles in FortiManager, including creating new filters and modifying existing ones. It details the process of editing firewall policies, installing the policy package, and verifying DNS traffic through FortiGate and FortiAnalyzer. Additionally, it includes instructions for testing the setup using botnet domain lists and checking DNS queries.

Uploaded by

Williams
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
6 views7 pages

69 DNS Filter

The document provides a step-by-step guide on configuring DNS Filter profiles in FortiManager, including creating new filters and modifying existing ones. It details the process of editing firewall policies, installing the policy package, and verifying DNS traffic through FortiGate and FortiAnalyzer. Additionally, it includes instructions for testing the setup using botnet domain lists and checking DNS queries.

Uploaded by

Williams
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 7

DNS Filter Lab:

Go to Policy & Objects > Object Configurations >Security Profiles>DNS Filter. You can Create
New and also there are four preloaded DNS Filter profiles to use.

1 | P a g e Created by Ahmad Ali E-Mail: [email protected] , WhatsApp: 00966564303717


Go to Policy & Objects > Object Configurations >Security Profiles>DNS Filter, you can modify the
default DNS Filter and enable the options you want, or you can create a new DNS Filter.

Continue on the FortiManager GUI, click Policy Packages, Click HQ-FW>Firewall Policy. Select
the first policy at the top of the list, and then click Edit.

2 | P a g e Created by Ahmad Ali E-Mail: [email protected] , WhatsApp: 00966564303717


Click the Security Profiles check box. Configure DNS Filter and SSL/SSH Inspection and click OK.

3 | P a g e Created by Ahmad Ali E-Mail: [email protected] , WhatsApp: 00966564303717


Install the Policy:
Continue on the FortiManager GUI, click Install>Install Wizard.

Select Install Policy Package & Device Settings. Conform that the HQ-FW policy package is
selected. And then click Next.

Confirm that the HQ-FW device is selected, and then click Next.

4 | P a g e Created by Ahmad Ali E-Mail: [email protected] , WhatsApp: 00966564303717


Click Install Preview to see changes that will be applied to FortiGate. Click Close on the Install
Preview page. Click Install.

Once done click Finish.

5 | P a g e Created by Ahmad Ali E-Mail: [email protected] , WhatsApp: 00966564303717


Test and Verify:
Click the botnet package link to see the latest botnet C&C domain list.

Visit botnet fully qualified Domain name or nslookup DNS it will show below error in page.

6 | P a g e Created by Ahmad Ali E-Mail: [email protected] , WhatsApp: 00966564303717


Go to Log & Report > DNS Query to view the DNS traffic that just traverse the FortiGate and the
FortiGuard rating for this domain name.

In FortiAnalyzer, navigate to Log View>FortiGate>Security>DNS.

7 | P a g e Created by Ahmad Ali E-Mail: [email protected] , WhatsApp: 00966564303717

You might also like