DNS Security creates threat signatures for domains
that have been analyzed by the DNS Security service. For these known
domains, the signatures are referenced when a DNS query is received.
In some cases, it might be possible that the signature has incorrectly
categorized a domain as a threat, due to certain features or qualities
present in the domain. In such circumstances, you can add signature
exceptions to bypass these false-positives. If there are known safe
domains that are categorized as malicious, such as internal domains,
you can add a list of domains that will bypass any DNS analysis.
If your organization uses third party threat feeds as part of a
comprehensive threat intelligence solution, you can also reference
those in the form of external dynamic lists (EDLs) in your DNS Security
profile.