BlueCat DNS Edge supports integration with Cisco Umbrella to leverage policy enforcement and content filtering for external traffic. Once you have successfully configured the Cisco Umbrella integration, namespace configurations applied to DNS Edge Service Points will forward external queries to Cisco Umbrella to apply granular policies configured on Umbrella while internal queries are handled by the Service Point based on the applicable policies. Although external queries are handled by Cisco Umbrella, the DNS Edge Cloud continues to have visibility into both external and internal queries.
Attention: When configuring the Cisco Umbrella integration, ensure that the following requirements are met:
- Each service point must be able to forward DNS queries to the two Cisco Umbrella anycast vIPs(22.214.171.124 and 126.96.36.199). These are the IP addresses that are copied to the clipboard when selecting the Cisco Umbrella Integration checkbox on the namespace configuration page.
- Any firewalls configured between the service point and Cisco Umbrella must not strip EDNS information from the forwarded queries.