DNS response policies - BlueCat Integrity - 9.5.0

Address Manager Legacy v1 API Guide

Product name
BlueCat Integrity

Response policies allow you to manage a recursive DNS resolver attempting to respond to potentially undesirable or illegal queries.

You can set the types of response policies based on your needs and deploy to a DNS server managed under Address Manager. By setting up these response policies, you can block, redirect, or allow particular domain name queries that you wish to and must prevent. For example:
  • If you are a corporate user and want to prevent employees from being connected to any harmful website, you can set up the response policies and block these harmful websites so that they does not return the query response, or else redirect the employees to an appropriate website.
  • If you must follow a government regulation that mandates certain DNS blocking, you can use response policies to implement this requirement.
You can set three different types of response policies, depending on your requirements:
  • Blacklist — Matching items in the list of blacklist objects return an NXDOMAIN result.
  • Blackhole — Matching items return a NOERROR result with no answers.
  • Whitelist — Matching items are excluded from further processing.