Infoblox’s global team of threat hunters uncovers a DNS operation with the ability to bypass traditional security measures and control the Great Firewall of China. Read about “Muddling Meerkat” and the many other threat actors discovered by Infoblox Threat Intel here.

BloxOne Threat Defense and Threat Intelligence

Reply

If I have a client using a http/https explicit proxy, can we do the local RPZ rules by client IP?

Authority
Posts: 18
3172     0

Hi;

 

Usually in this case, the client itself relies on the explicit proxy "setup in a pac file" to do the DNS queries, which means that local RPZ rules cannot be based on the client IP address, correct?

 

 

Kindly

Wasfi

Re: If I have a client using a http/https explicit proxy, can we do the local RPZ rules by client IP

Moderator
Moderator
Posts: 71
3173     0

Hello,

 

It will depend on how you want it to work.

 

you can have Infoblox take over the DNS first then redirect to the proxy. you can configure this inside the PAC file which is another option.

 

hope this helps,

Kevin Zettel

Re: If I have a client using a http/https explicit proxy, can we do the local RPZ rules by client IP

Authority
Posts: 18
3173     0

Thank you for your respose Kevin.

 

to be honest, I am still puzzled since the client itself does not do any DNS querying itself. This is mainly due to the explicity proxy setup of the client's browser "using a pac file". 

 

In saying that, there might be a setup that you are aware of and I am not. In this case, would you please share with me. 

 

kindly

Wasfi

Re: If I have a client using a http/https explicit proxy, can we do the local RPZ rules by client IP

Superuser
Posts: 105
3173     0

Hi,

 

If you are using PAC file then you can try to insert "dnsResolve(host)" function. The client will have to perform DNS lookup

 

Thanks

Showing results for 
Search instead for 
Did you mean: 

Recommended for You