Security

Reply

Block DNS resolution with RPZ policy for not DNSSEC validated sites
avshch
Expert
Posts: 38

‎07-15-2016 08:22 AM

3917     0

Is there a way to block DNS resolution with RPZ policy for not DNSSEC validated sites within .gov zone

Reply
0 Kudos

Re: Block DNS resolution with RPZ policy for not DNSSEC validated sites
SSalo
Adviser
Posts: 139

‎07-28-2016 10:07 AM

3918     0

No, there is not an RPZ policy that can accomplish this.

 

By default, RPZ will only process queries that do not request DNSSEC or when DNSSEC records are not available. This policy can be changed to apply RPZ to DNSSEC but effectively breaks DNSSEC as anything re-written by RPZ can not be verified.

Steve S.
Reply
0 Kudos
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Recommended for You

Latest Annoucements

Infoblox Experts Community

You have reached the maximum number of topics allowed as a visitor. Please Login or Join the community to continue to read.

Join for free

TOPICS REMAINING

Register for unlimited browsing. Registration is FREE.

Join Community