Manage External Dynamic List

Table of Contents

Manage External Dynamic List

Where Can I Use This?	What Do I Need?
Strata Cloud Manager	Advanced DNS Resolver License

An external dynamic list is a text file hosted on an external web server so that the Advanced DNS Resolver can import objects—IP addresses, URLs, domains, International Mobile Equipment Identities (IMEIs), International Mobile Subscriber Identities (IMSIs)—included in the list and enforce policy. The Advanced DNS Resolver can use an EDL of domains to apply a particular action (allow, block, sinkhole, or alert) on a specific group of domains.

You can have a maximum of 30 EDL sources for your Advanced DNS resolver. These EDLs are not associated with your Strata Cloud Manager EDLs and function only for the Advanced DNS Resolver.

Log in to the Strata Cloud Manager on the hub.
Select ManageConfigurationADNS ResolverDNS Security Profiles and then go to the External Dynamic Lists tab.
You can view your available EDLs and get a at-a-glance status of each EDL. Additionally, you can delete, test, and download the associated certificate for each EDL that was previously added.
To create a new EDL entry:
(Required if your EDL source requires a CA certificate to establish a secure connection) Upload CA certificate(s) to Strata Cloud Manager.
1. Select Manage Certs.
2. For each CA certificate that you wish to add, provide a Certificate Name and a drive location for the certificate file and then Upload Certificate.
3. Repeat for any additional CA certificates that you wish to add.
Select Add Definition and provide a name for the new EDL configuration. Additionally, specify the following EDL details:
1. URL—An HTTPS URL where the EDL is located.
2. Poll Duration—The frequency at which the Advanced DNS Resolver checks for updates to the list.
3. User (Optional)—The username used to access the URL hosting the EDL.
4. Password (Optional)—The password used to access the URL hosting the EDL.
5. CA Certificate (Optional)—The CA certificate required to facilitate the connection between SCM and URL hosting the EDL.
  
  You must first add CA certificates from ManageConfigurationADNS ResolverExternal Dynamic ListsManage Certs before you can select them from the CA Certificate dropdown.
Test to verify that it is accessible and usable by the Advanced DNS Resolver. A confirmation appears in the upper-right corner.
Save your EDL definition.
To apply the EDL to a DNS Security Profile:
Select ManageConfigurationADNS Resolver and then go to the DNS Security Profiles tab.
Select a DNS Security profile that you want to apply the EDL to and select Overrides tab.
From the EDL Definitions panel, + Add or delete entries (using the icon) to modify the EDL list entries as necessary. Keep in mind, only EDL lists that have been previously created can be added.
Select an Action for each EDL list entry.
1. - allow—The DNS query is allowed.
  - alert—The DNS query generates an alert. DNS queries that generate an alert are saved in the DNS Security log.
  - block—The DNS query is blocked.
  - sinkhole—Forges a DNS response for a DNS query targeting a detected malicious domain. This directs the resolution of the malicious domain name to a specific IP address (referred to as the Sinkhole IP), which is embedded as the response.
You can add multiple entries by opening additional fields using + Add.
Click Save when finished.