cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

does using alternate dns bypass filters and AMP?

Highlighted
Here to help

does using alternate dns bypass filters and AMP?

I need to make sure that people don't just change the DNS on their machines and then get infected or go to sites I don't want them to go on.... does changing the DNS in windows bypass content filtering and malware protection (AMP) on the MX for the particular client?

 

 

4 REPLIES 4
Kind of a big deal ww
Kind of a big deal

Re: does using alternate dns bypass filters and AMP?

if you change the DNS server your client still request  the same content/URL. 

 

for amp, i dont think this works based on dns but more like comparing a file hash to a known database

Kind of a big deal

Re: does using alternate dns bypass filters and AMP?

I haven't tested AMP but on our public wifi we use custom DNS so they don't use our internal DNS and they still get content filtered.  

Adam R MS | CISSP, CISM, VCP, MCITP, CCNP, ITILv3, CMNO
If this was helpful click the Kudo button below
If my reply solved your issue, please mark it as a solution.
Head in the Cloud

Re: does using alternate dns bypass filters and AMP?

DNS shouldn't matter for content filter and AMP, but if you don't want users to use any DNS besides the ones you choose just block all outbound port 53 traffic except the ones you want.

Kind of a big deal

Re: does using alternate dns bypass filters and AMP?

I think you are mostly referring to content filtering, rather than AMP.  And no it wont matter what DNS servers they are using.

Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.