Solved: DNS with https

skywalker_007 · ‎01-14-2021

Hello ,

We are having DNS Advantage Package

We are concerened DNS over https , Is it a Security concern for us ? can umbrella be bypassed ?

Mostly our client machines are MACOS ?

Kindly provide some inputs in this direction of DNS over https

Rob Ingram · ‎01-14-2021

I would imagine that when you block "Proxy/Anonymizer" content category that would apply to any operating system. This page has additional information, you can further block DoH by blocking "Newly seen domains".

https://support.umbrella.com/hc/en-us/articles/230904088-Preventing-circumvention-of-Cisco-Umbrella-with-firewall-rules

And for DoT block 1.1.1.1 and 1.0.0.1 port 853.

View solution in original post

Rob Ingram · ‎01-14-2021

Hi @skywalker_007

You can enable the "Proxy/Anonymizer" category in the DNS policy to block DoH providers

https://umbrella.cisco.com/blog/doh-whats-all-the-fuss-about-dns-over-https

skywalker_007 · ‎01-14-2021

Does it work for MACOS which dont have Firefox?

Rob Ingram · ‎01-14-2021

I would imagine that when you block "Proxy/Anonymizer" content category that would apply to any operating system. This page has additional information, you can further block DoH by blocking "Newly seen domains".

https://support.umbrella.com/hc/en-us/articles/230904088-Preventing-circumvention-of-Cisco-Umbrella-with-firewall-rules

And for DoT block 1.1.1.1 and 1.0.0.1 port 853.

skywalker_007 · ‎01-14-2021

Thanks @Rob Ingram