[DNSfirewalls] something new in dns firewalls: microsoft dns policy filtering

Rod Rasmussen rod.rasmussen at internetidentity.com
Tue May 19 23:48:54 UTC 2015


This is cool.  For us in the TL;DR crew this seems to be a cookbook/example approach without tech specs.  Any word on if there is any compatibility with RPZ format, or is someone going to have to create a translator?

Cheers,

Rod

On May 19, 2015, at 4:09 PM, Paul Vixie <paul at redbarn.org> wrote:

> << DNS policies is a new feature in the DNS server role of Windows
> Server 2016 Technical Preview – not to be confused with group policies
> of the AD fame. You can create DNS policies on the DNS server to control
> how a DNS Server handles queries based on different parameters. In the
> previous blogs, we discussed how to achieve traffic management and
> deploying split-brain DNS using DNS policies. Here we are going to
> discuss another important scenario where DNS policies can be used to
> create query filters based on certain criteria. One of the example of
> such filters are DNS black holes for known malicious domains. Another
> example is to create a whitelist to allow only a specific set of clients
> to resolve certain names. The filters can be created with any logical
> combination (AND/OR/NOT) of the following criteria. >>
> 
> http://blogs.technet.com/b/networking/archive/2015/05/18/applying-filters-on-dns-queries-using-windows-dns-server-policies.aspx
> 
> 
> _______________________________________________
> DNSfirewalls mailing list
> DNSfirewalls at lists.redbarn.org
> http://lists.redbarn.org/mailman/listinfo/dnsfirewalls

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 203 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.redbarn.org/pipermail/dnsfirewalls/attachments/20150519/ba6d8ba2/attachment.bin>


More information about the DNSfirewalls mailing list