PAN-OS & Panorama

DNS Security

  1. Ensure DNS Security is configured to inspect DNS requests. You can reuse your existing anti-spyware security profile if you want to apply the same
    DNS Policies
    settings to DNS-over-TLS traffic.
  2. Create a decryption policy rule (similar to the example below) with an action to decrypt TLS traffic on TCP port 853, the port reserved for DNS-over-TLS (refer to the Decryption Best Practices for more information). Because the firewall sits between the client and the resolver, this is an SSL Forward Proxy rule, and the clients must trust the firewall's forward trust certificate or their DNS-over-TLS sessions will fail certificate validation. Once the session is decrypted, the firewall identifies the DNS requests inside it as the conventional
    dns-base
    application, and that is how they appear in the logs.
  3. (Optional)
    Verify that the firewall is processing decrypted DNS-over-TLS queries with DNS Security.
    1. Select
      Monitor > Logs > Traffic
      and filter on the application
      dns-base
      together with destination port 853 (which is exclusively used for DNS-over-TLS transactions). Match on the destination port: 853 is the resolver's listening port, while the client side of the session uses an ephemeral source port, so a filter on the source port would return nothing. For example,
      ( app eq dns-base ) and ( port.dst eq 853 )
      .
    2. Select a log entry to view the details of the session and of any DNS threat detected in it.
    3. The
      Application
      should display
      dns-base
      in the
      General
      pane, and the
      Port
      should display 853 in the
      Destination
      pane of the detailed log view. Other relevant details about the threat are displayed in their corresponding windows.
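The same procedure expressed as PAN-OS configuration-mode CLI, as an added example that is not part of the original page or of Palo Alto Networks' own documentation. The zone names (trust, untrust), the service object and rule names, and the profile names (dns-security-profile, decrypt-best-practice) are assumptions; substitute your own. The anti-spyware profile carrying the DNS Security settings is assumed to already exist.

```text
# Added example, not from the PAN-OS documentation page. Zone, rule, service and
# profile names below are assumptions.

# Step 1: permit the DNS-over-TLS session and attach the anti-spyware profile
# that carries the DNS Security / DNS Policies settings. "application any" is
# used because the App-ID shifts from dns-over-tls to dns-base once the session
# is decrypted; the service object pins the rule to TCP/853.
set service dns-over-tls protocol tcp port 853
set rulebase security rules Allow-DoT from trust to untrust source any destination any source-user any category any application any service dns-over-tls action allow profile-setting profiles spyware dns-security-profile

# Step 2: decrypt the outbound TLS session on TCP/853 with SSL Forward Proxy so
# the firewall can inspect the DNS requests inside it.
set rulebase decryption rules Decrypt-DoT from trust to untrust source any destination any source-user any category any service dns-over-tls action decrypt type ssl-forward-proxy profile decrypt-best-practice

commit

# Step 3 (operational mode): list sessions the firewall identified as plain DNS
# after decryption. Match on the destination port; the client side of the
# session uses an ephemeral source port, so "port.src eq 853" would match nothing.
show log traffic query equal "( app eq dns-base ) and ( port.dst eq 853 )"
```

If the traffic log shows sessions on TCP/853 identified as dns-over-tls rather than dns-base, the decryption rule is not matching or the client is not trusting the forward trust certificate; in the latter case check whether the client has fallen back to cleartext DNS on UDP/53, which bypasses the TLS rule entirely but is still covered by the anti-spyware profile on the ordinary DNS rule.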

