Fortinet black logo

Version:

7.4.0
7.2.0
7.0.0

Version:

6.4.0
6.2.0

Table of Contents

New Features

7.0.0
7.4.0
7.2.0
7.0.0
6.4.0
6.2.0
Download PDF
Copy Doc ID 4f6cd3c1-22cb-11eb-96b9-00505692583a:739623
Copy Link

DNS filter handled by IPS engine in flow mode

In FortiOS 6.4, the DNS proxy daemon handles the DNS filter in flow and proxy mode policies. Starting in 7.0, the IPS engine handles the DNS filter in flow mode policies and queries the FortiGuard web filter server for FortiGuard categories. In proxy mode, the DNS proxy daemon handles the DNS filter and queries the FortiGuard SDNS server for FortiGuard categories.

All features previously supported in the DNS filter profile are supported in flow mode:

  • FortiGuard category rating
  • Static domain filtering
  • Remote category rating
  • External IP block list
  • Botnet domain and IP filtering
  • DNS translation
  • Safe search enforcement
Note

When a DNS filter profile is enabled in config system dns-server, the DNS proxy daemon handles the traffic.
Previous
Next

DNS filter handled by IPS engine in flow mode

In FortiOS 6.4, the DNS proxy daemon handles the DNS filter in flow and proxy mode policies. Starting in 7.0, the IPS engine handles the DNS filter in flow mode policies and queries the FortiGuard web filter server for FortiGuard categories. In proxy mode, the DNS proxy daemon handles the DNS filter and queries the FortiGuard SDNS server for FortiGuard categories.

All features previously supported in the DNS filter profile are supported in flow mode:

  • FortiGuard category rating
  • Static domain filtering
  • Remote category rating
  • External IP block list
  • Botnet domain and IP filtering
  • DNS translation
  • Safe search enforcement
Note

When a DNS filter profile is enabled in config system dns-server, the DNS proxy daemon handles the traffic.
Previous
Next