Adding Response Policy zones with BlueCat Security Feed - BlueCat Integrity - 9.4.0

Address Manager Administration Guide

Locale
English
Product name
BlueCat Integrity
Version
9.4.0

Response Policy zone allows DNS administrators to overlay custom information on top of the global DNS configurations to provide alternate responses to queries. Response Policy zone contains a list of domains that need to be blocked or redirected.

To add Response Policy zones:

  1. Select the DNS tab. Tabs remember the page you last worked on, so select the tab again to ensure you're on the Configuration information page.
  2. Under DNS Views, click a DNS View then the RP Zones sub tab.
  3. Under Response Policy Zones, click New.
  4. Under General, enter a name for a Response Policy zone in the Name field.
  5. Under Type, select Feed and set the following parameters:
    • Feed—select Feed to use predefined DNS-exploiting malware category lists provided by BlueCat.
      Note: In order to obtain the list of categories, you need to configure a recursive name-server that can resolve records in the bluecatlabs.net zone. For more information about name-server configuration mode in Address Manager, refer to Adding Name Servers.
    • Available Categories—select DNS-exploiting malware lists to include in the Response Policy zone.
    • Subscribed Categories—lists the DNS-exploiting malware category list that's currently selected.
    • Response Policy—select the type of Response Policy zone that we want to define with the feed category selected.
    • Override Refresh Time—select Override Refresh Time option to set the custom refresh time interval.
  6. Under Change Control, add comments, if required.
  7. Click Add.
After adding Response Policy zones, you must associate the RP Zone configuration with a DNS server by adding the DNS deployment role.