Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 3 replies
  • Answers 1 answer
  • Subscribers 40 subscribers
  • Views 1203 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Use IP host list as DNS server options?

alan weir

Instead of manually entering DNS IP addresses into the DNS fields, it would be nice if we could use an IP host instead. Say you wanted to use google as your DNS. A user could create an IP host called "Google DNS servers" of the two IP addresses 8.8.8.8 and 8.8.4.4 and use that as the DNS servers option.

I believe the UTM had this feature, but it seems it could be implemented into SFOS in the future.



This thread was automatically locked due to age.
Parents
  • 0

    You mean this one? 

    UTM could use a longer list of DNS providers, but in reality, most customers selected the DHCP option or the manually (known Hosts) like GoogleDNS. 

    Looking into this, an IP host list could be an improvement, but only for a smaller grade of customer, who wants to have more than 3 DNS servers. 

    __________________________________________________________________________________________________________________

Reply
  • 0

    You mean this one? 

    UTM could use a longer list of DNS providers, but in reality, most customers selected the DHCP option or the manually (known Hosts) like GoogleDNS. 

    Looking into this, an IP host list could be an improvement, but only for a smaller grade of customer, who wants to have more than 3 DNS servers. 

    __________________________________________________________________________________________________________________

Children
  • 0 in reply to LuCar Toni

    The reason is that since I use AdGuard, they want the Sophos Firewall to be able to use a DNS-over-TLS to their DNS servers. Whether this will ever be possible or not, Sophos should look into DoT, and DoH as a big step in security to prevent DNS leaks and DoT/DoH is going to be in the future of DNS. 

    I would love to see this on a future roadmap.

  • 0 in reply to alan weir

    More likely, Sophos will enhance there story about DNS Protection itself and going forward in this segment. Whether it will utilize DoT or other mechanism, this will be shown in the future. 

    __________________________________________________________________________________________________________________

Unfiltered HTML