cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
377
Views
0
Helpful
4
Replies
Highlighted
Beginner

DNS with https

Hello ,

 

We are having  DNS Advantage Package

 

We are concerened DNS over https , Is it a Security concern for us ?  can umbrella be bypassed ?

 

Mostly our client machines are MACOS ?

 

Kindly provide some inputs in this direction of DNS over https

 

 

1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted
VIP Mentor

I would imagine that when you block "Proxy/Anonymizer" content category that would apply to any operating system. This page has additional information, you can further block DoH by blocking "Newly seen domains".

https://support.umbrella.com/hc/en-us/articles/230904088-Preventing-circumvention-of-Cisco-Umbrella-with-firewall-rules

 

And for DoT block 1.1.1.1 and 1.0.0.1 port 853.

View solution in original post

4 REPLIES 4
Highlighted
VIP Mentor

Hi @skywalker_007 

You can enable the "Proxy/Anonymizer" category in the DNS policy to block DoH providers

https://umbrella.cisco.com/blog/doh-whats-all-the-fuss-about-dns-over-https

Highlighted

Does it work for MACOS which dont have Firefox?

Highlighted
VIP Mentor

I would imagine that when you block "Proxy/Anonymizer" content category that would apply to any operating system. This page has additional information, you can further block DoH by blocking "Newly seen domains".

https://support.umbrella.com/hc/en-us/articles/230904088-Preventing-circumvention-of-Cisco-Umbrella-with-firewall-rules

 

And for DoT block 1.1.1.1 and 1.0.0.1 port 853.

View solution in original post

Highlighted

Thanks @Rob Ingram 

Content for Community-Ad