Learn How We Can Help You Keep Teleworkers Protected During the COVID-19 Crisis

Security

Reply
Highlighted

Block DNS resolution with RPZ policy for not DNSSEC validated sites

Expert
Posts: 38
3712     0

Is there a way to block DNS resolution with RPZ policy for not DNSSEC validated sites within .gov zone

Highlighted

Re: Block DNS resolution with RPZ policy for not DNSSEC validated sites

Adviser
Posts: 138
3713     0

No, there is not an RPZ policy that can accomplish this.

 

By default, RPZ will only process queries that do not request DNSSEC or when DNSSEC records are not available. This policy can be changed to apply RPZ to DNSSEC but effectively breaks DNSSEC as anything re-written by RPZ can not be verified.

Check out our new Tech docs website at http://docs.infobox.com for latest documentation on Infoblox products
Showing results for 
Search instead for 
Do you mean 

Recommended for You