Attackers often send phishing emails with links to malware websites. A user in your network may be deceived by the fraudulent content and click on an obfuscated link by mistake. Firepower can intelligently prevent a user from accessing a malicious website by blocking the DNS query for its domain, which is one of the first things a client computer does when it tries to reach a website. This chapter describes the implementation of a DNS policy on an FTD system.
Before diving into DNS policy configuration, let’s take a look at how a host computer learns the IP address of a website through a DNS query and how a Firepower system can prevent a user from making a DNS query for a malicious domain.