Configuring Cyber Shield Domain Filtering

Cyber Shield, a part of OpenVPN Cloud, analyzes the domain names in DNS queries received from VPN clients only when domain filter monitoring is turned on. When monitoring is active, Cyber Shield checks which content category each domain name being queried belongs in. If a domain name is matched to a category that is configured to be blocked, the domain name is not resolved as expected and a “This site can’t be reached” page is displayed.

Cyber Shield effectively blocks traffic bound for the intended destination even if the traffic isn’t passing through the VPN. By not returning the IP address of the true destination as a response to the DNS query, domain filters can block all VPN and non-VPN traffic.


Note: Domain filtering is turned off by default. With domain filtering turned on, you can choose whether you only monitor domain queries, or if you also block domain queries by category. Follow these steps to configure Cyber Shield Domain Filtering:

  1. Access the Cyber Shield page in the administration portal and in the Domain Filtering section turn Monitoring on.

    This enables you to monitor domain traffic.

  2. After monitoring is activated and if you want to block content categories, click on the edit icon.

    The Domain Filters window is displayed.

  3. Select the domain filter categories that you want to block.

  4. Click X to exit.

  5. The Domain Filtering section displays the number of blocked domain filters.