DNS filtering and application control
Topic
This article describes the configuration process for DNS filters and category-based application control within Datto Secure Edge.
Environment
- Datto Secure Edge
Description
Index
- Navigating to Security Policy Settings
- DNS filtering and category-based blocking
- Application Control
Navigating to Security Policy Settings
-
In Datto Network Manager, click Secure Edge in the Navigation menu, then select Security Policies from the expanded options.
-
On the Security Policies page, click the name of the policy you'd like to modify.
-
Click DNS Filter or Application Control to continue.
Enabling DNS filtering
- Toggle the Enable DNS Filter slider to ON to use DNS filtering.
- Toggle the Drop Web Ads & Tracking slider to ON to block traffic from known ad servers and websites.
Filtering by category
This section lets you choose which traffic categories to block. Some categories represent all sites of the same type (such as "Crypto"), while others represent individual universally used sites (such as YouTube). Refer to each category's tooltip for more information. You can also block all categories by clicking BLOCK ALL.
DNS Filtering exception list
The exception list lets you allow or block specific sites within blocked categories. To specify a site, type its domain into the Domain field, then choose whether to allow or block it from the Exception Type drop-down menu and click the ADD button.
DNS Filtering is separate from Application Control. If you make an exception for traffic, you may need to make a corresponding exception under Application Control. See the Application Control exception list setting below for more information.
Application Control
Application control settings let you optimize network performance by choosing which applications to block or prioritize. During periods of network congestion, Secure Edge will prioritize traffic from applications set to High priority over traffic from applications with lower settings.
Setting multiple applications to High priority will give them all equal priority, nullifying the purpose of the High priority option. As a best practice, We recommend setting no more than five categories to High priority.
To reach application control options, click the Application Control link on the Security Policy Settings page.
- To set priority by application category (Entertainment, Social Media, etc.), select the priority from the category's drop-down menu.
- To set priority by application subcategory, click the arrow next to the category, then select the priority from the category's expanded options.
Application Control exception list
The exception list lets you set the priority for certain applications within blocked categories. To specify a site, type its domain into the Domain field, then select its priority from the Exception Type drop-down menu and click the ADD button.
Application control is separate from DNS filtering. If you make an exception for applications, you may need to make a corresponding exception under DNS Filtering. See the DNS Filtering exception list setting above for more information.