does using alternate dns bypass filters and AMP?

remixedcat
Getting noticed

does using alternate dns bypass filters and AMP?

I need to make sure that people don't just change the DNS on their machines and then get infected or go to sites I don't want them to go on.... does changing the DNS in windows bypass content filtering and malware protection (AMP) on the MX for the particular client?

 

 

4 REPLIES 4
ww
Kind of a big deal
Kind of a big deal

if you change the DNS server your client still request  the same content/URL. 

 

for amp, i dont think this works based on dns but more like comparing a file hash to a known database

Adam
Kind of a big deal

I haven't tested AMP but on our public wifi we use custom DNS so they don't use our internal DNS and they still get content filtered.  

Adam R MS | CISSP, CISM, VCP, MCITP, CCNP, ITILv3, CMNO
If this was helpful click the Kudo button below
If my reply solved your issue, please mark it as a solution.
BrandonS
Kind of a big deal

DNS shouldn't matter for content filter and AMP, but if you don't want users to use any DNS besides the ones you choose just block all outbound port 53 traffic except the ones you want.

PhilipDAth
Kind of a big deal

I think you are mostly referring to content filtering, rather than AMP.  And no it wont matter what DNS servers they are using.

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels