Activate DNS Security by installing Threat Prevention and DNS licenses via the CSP. Once
active, apply services through security profiles within your network policy
rules.
| Where Can I Use
This? | What Do I Need? |
Prisma Access NGFW VM-Series CN-Series
|
|
Before you can enable and configure
Advanced DNS Security or DNS Security, you must obtain and
install a Threat Prevention (or
Advanced Threat Prevention) license as well as an
Advanced DNS Security or DNS Security license in addition to any platform licenses
from where it is operated. Licenses are activated from the
Palo
Alto Networks Customer Support Portal and must be active before DNS
analysis can take place. Additionally,
DNS Security subscription services
(similar to other
Palo Alto Networks security services) are administered through
security profiles, which in turn is dependent on the configuration of network
enforcement policies as defined through security policy rules. Before enabling a
DNS Security subscription service, it is recommended that you familiarize
yourself core components of the security platform in which the security
subscriptions are enabled. Refer to your
product
documentation for more information.
To enable and configure a
DNS Security subscription service to function optimally within
your network security deployment, refer to the tasks below. While it may not be
necessary to implement all of the processes shown here,
Palo Alto Networks
recommends reviewing all of the tasks to familiarize yourself with the available
options for a successful deployment. It is additionally recommended that you follow
the
best practices provided by
Palo Alto Networks for the
optimum usability and security.