Hi,
I'm going to integrate our MX appliance with Umbrella DNS.
The MX handle Layer 3 for some of our network.
1 - Does the clients can keep to use Google DNS or other internal DNS and get protected by Umbrella? (I imagine that in case of internal DNS obviously I need to reach the MX so client and DNS server need to be on different subnet)
From documentation I saw that I need to create a group policy with "custom network firewall & shaping rules" in order to enable Umbrella protection.
So, if I have a network handled by MX with firewall rules created under "Security & SD-WAN" and I apply the group policy to this subnet:
2 - Does the group policy custom firewall rules have priority so no traffic is denied? (because under group policy the default is allow any any)
3 - Do i need to migrate the firewall rules that I have on "Security & SD-WAN" under the group policy?
4 - In the last case I read that the group policy firewall rules are stateless so do I need to create rules for return traffic?
Thank you in advance
Hope my questions are clear
Simone