Configuring Cyber Shield Domain Filtering
Cyber Shield, a part of CloudConnexa, analyzes the domain names in DNS queries received from WPC clients only when domain filter monitoring is turned on. When monitoring is active, Cyber Shield checks which content category each domain name being queried belongs in. If a domain name is matched to a category that is configured to be blocked, the domain name is not resolved as expected and a “This site can’t be reached” page is displayed.
Cyber Shield effectively blocks traffic bound for the intended destination even if the traffic isn’t passing through the WPC. By not returning the IP address of the true destination as a response to the DNS query, domain filters can block all WPC and non-WPC traffic.
Note: Domain filtering is turned off by default. With domain filtering turned on, you can choose whether you only monitor domain queries, or if you also block domain queries by category. Follow these steps to configure Cyber Shield Domain Filtering:
Acces the Cyber Shield page in the Administration portal and in the Domain Filtering section turn Monitoring ON.
This enables you to monitor domain traffic.
After monitoring is activated and if you want to block content categories, click on the edit (pencil) icon.
The Domain Filters window is displayed.
Select the domain filter categories that you want to block.
As a test case for step 5, select Basic Protection / Malware.
Click the Save button to save the changes and click X to exit.
Confirm that you are connected to the WPC using the same Profile from the configured account.
Open a separate incognito browser tab and navigate to the sample domain:
http://malware-test-domain.openvpn.com
The Incognito browser should display 'This site can't be reached". This confirms the domain has been blocked.
Confirm from the Top 10 Dashboard bubble graph that the number of blocked domains has increased by 1 for Malware.
Add additional filters as needed.
Note
Domain blocking depends on DNS records TTL timeout and may take up to 24 hours to take effect.