Getting noticed


I just read this: https://www.zdnet.com/article/fearing-drama-mozilla-opens-public-consultation-before-worldwide-firef... 


And I want to know if the MX will still be as secure and this won't bypass any policies I have configured on the MX (layer 7, hostname, geoip blocks, AMP,etc) ??


Will this render the MX useless for this??

6 Replies 6
Kind of a big deal
Kind of a big deal

DoH will definitely affect some of the features mentioned. https://umbrella.cisco.com/blog/doh-dns-over-https-to-block-or-not-to-block perhaps will give you a better idea.


If you should decide not to support DoH within your environment, you could simply block access to the systems currently in use: https://support.umbrella.com/hc/en-us/articles/230904088-Preventing-Circumvention-of-Cisco-Umbrella-...

Well this sucks... I ca't change the DNS to umberalle or even google DNS or even manually adding those IPs... My ISP seems to not allow any kind of DNS changes whatsoever. Even locally on each individual computer.


Will adding "proxies and other anonimyzers" to content filtering work at all?

>Will adding "proxies and other anonimyzers" to content filtering work at all?


I expect it would.


DNS over HTTPS is going to breath new life into malware.  It opens up a whole new avenue for distribution.

This is disastrous. 😞

Also ads as well

Every man and their dog owns develops VPNs so why not move into the DNS market as well. 






DoH and DoT is now a category that can be chosen on the content filtering page.

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.