Meraki

Community

does using alternate dns bypass filters and AMP?

remixedcat
Getting noticed
‎May 18 2018 4:59 AM
‎May 18 2018 4:59 AM

does using alternate dns bypass filters and AMP?

I need to make sure that people don't just change the DNS on their machines and then get infected or go to sites I don't want them to go on.... does changing the DNS in windows bypass content filtering and malware protection (AMP) on the MX for the particular client?

 

 

Labels:
0 Kudos
4 Replies 4
ww
Kind of a big deal
Kind of a big deal
‎May 18 2018 6:01 AM
‎May 18 2018 6:01 AM

if you change the DNS server your client still request  the same content/URL. 

 

for amp, i dont think this works based on dns but more like comparing a file hash to a known database

In response to ww
Adam
Kind of a big deal
‎May 18 2018 6:55 AM
‎May 18 2018 6:55 AM

I haven't tested AMP but on our public wifi we use custom DNS so they don't use our internal DNS and they still get content filtered.  

Adam R MS | CISSP, CISM, VCP, MCITP, CCNP, ITILv3, CMNO
If this was helpful click the Kudo button below
If my reply solved your issue, please mark it as a solution.
BrandonS
Kind of a big deal
‎May 18 2018 7:47 AM
‎May 18 2018 7:47 AM

DNS shouldn't matter for content filter and AMP, but if you don't want users to use any DNS besides the ones you choose just block all outbound port 53 traffic except the ones you want.

- Ex community all-star (⌐⊙_⊙)
In response to BrandonS
PhilipDAth
Kind of a big deal
Kind of a big deal
‎May 18 2018 12:58 PM
‎May 18 2018 12:58 PM

I think you are mostly referring to content filtering, rather than AMP.  And no it wont matter what DNS servers they are using.

0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.