DNS Edge service point monitoring and troubleshooting
During the course of operation, there is little need to monitor the service points. service points respond to PING, polled for access to UDP/TCP port 53, and also have a helpful URL which can be used to monitor their status:
- http://{SPv3 IP address}:80/v1/status/spDiagnostics Review more detailed information about a Service Point v3 instance.
- http://{SPv4 IP address}:80/v2/diagnostics Review more detailed information about a Service Point v4 instance.
The BlueCat service operations cloud has visibility into all micro-services for the service points and DNS Edge Clouds, and all activity is logged for troubleshooting purposes. System monitoring is being completed by cloud native tools managed by the BlueCat cloud operations team.
Incident response considerations
DNS Edge provides great visibility into client DNS traffic, incorporating DNS Edge policy application into your existing incident response process. DNS Edge makes it easy to respond to security events such as anomalous traffic, or suspicious or malicious behavior detected by DNS Edge. DNS Edge can immediately blocklist websites or individual clients. Individual clients can be redirected to a remediation site or a warning site.
BEST PRACTICE: Define an operational process to address security concerns identified by DNS Edge.