O'Reilly logo

Cisco Firepower Threat Defense (FTD) by Nazmul Rajib

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Chapter 17Blocking a Domain Name System (DNS) Query

Attackers often send phishing emails with links to malware websites. A user in your network may be deceived by the hoax content and click on an obfuscated link by mistake. Firepower can intelligently prevent a user from accessing a malicious website by blocking its DNS query—one of the first things a client computer performs to access a website. This chapter describes the implementation of a DNS policy on an FTD system.

Firepower DNS Policy Essentials

Before diving into DNS policy configuration, let’s take a look at how a host computer learns the IP address of a website through a DNS query and how a Firepower system can prevent a user from making a DNS query for a malicious domain.

Domain ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required