Domain lists - BlueCat DNS Edge

DNS Edge User Guide

prodname
BlueCat DNS Edge

Create domain lists which will help you build your policy rules. For example, your organization might want a list of social media sites to be used in a block policy, or a short list of sites that point-of-sale machines may access to add to an allow policy. You can also add domain lists to namespaces, as both match and exception lists, to control how queries are forwarded.

You can add domains to block, allow, or watch manually, or you can create a list of domains as a .csv or text file and upload it. If you upload a file, it should contain one domain per line, with no commas.
Note: To upload a list of domains, the client device from which you log in to the DNS Edge web application must allow multipart/form-data uploads.

BlueCat Threat Protection domain lists

BlueCat also provides a threat intelligence feed called BlueCat Threat Protection. BlueCat Threat Protection includes data from partner feeds, including additional lists curated by the BlueCat internal research team to protect against domains and sites that employ malware, botnets, exploits, and spam. BlueCat Threat Protection domain lists are denoted by the BlueCat Threat Protection <list type>.

Adding a new domain list

  1. In the top navigation bar, click and select Domain Lists.
  2. Click to create a new domain list, or select an existing domain list and click Edit.
  3. Enter the domain list name.
  4. For Type select one of the following:
    • User Defined: To upload a list of domains in .csv or text format, or to manually enter a list of domains.
    • Dynamic Feed: To configure a dynamically sourced and maintained domain list from a local feed.
  5. Enter a brief description of the domain list.
  6. If you selected User Defined as the domain list type, choose one of the following ways to add domain names to the list:
    1. To add domains individually, type the name into the Domains field (for example www.bluecatnetworks.com) and press Enter.

      Individually added domains appear below the Domains field. If you enter a domain that's already in the list, it will be highlighted in the list to show you where the item is.

      To remove a domain from the list, click the X beside its name.

    2. Drag and drop a .csv or text file of domains into the field, and click Save to upload the file.

      The domain list file must contain one domain per line and must be in plain text format. When uploading a .csv file, each domain in the list must be in the first column of the line.

      You can't edit a list of more than 2000 entries, but you can override the entries with a new list, or type /clear to start again.

      Lists under 2000 items will be visible for editing.

  7. If you selected Dynamic Feed as the domain list type, complete the following information:
    • Host Name: The IP or FQDN of the local feed server. This must be publicly accessible.
    • File Path: The absolute path to the domain list file.
    • Sync Rate: The frequency of synchronization attempts, in minutes.
    • Transfer Type: Keep the default setting of rsync/SSH.
    • User Name: The SSH user name.
    • Port: The server port that the SSH service is set up to listen on. This is usually 22.
    • Public Host Key: Drag and drop the public host key text file into this field.
    • Private Key: Drag and drop the private key text file into this field.
      Note: Keys are generated outside of the DNS Edge environment.
    Note: Unlike a user-defined list, the domains in a dynamic feed list aren't visible in the DNS Edge Domain Lists page.
  8. If you want to download a copy of the domain list, click Download, choose a folder in which to save the file, and click Save.

    To delete a domain list, select it and click Delete. If a domain list is associated with a namespace or policy, you must remove it from the namespace or policy before you can delete it.

    Note: You can't edit, download, or delete the BlueCat Threat Protection domain lists.
  9. Click Save.
Domain List Tips
  • When you build a block policy, you can add domain lists of exceptions. Creating a primary domain list of exceptions and adding it to your block policies lets you regain access to a domain that has been erroneously blocked.
  • You can clear all items from a domain list, including an attached file, by typing /clear in the domains field.
  • Attaching a file using drag-and-drop overrides all of the items currently in your list.
  • For easy management, you can download a copy of your domain list using the icon in the top right.
  • If you edit a domain list that's associated with a namespace, and the edits cause the number of domains in the list to exceed 100,000, you won't be allowed to save your changes.