Hi there, I'm a newbie to Sophos and had a quick read through the fourms to find out DNS Best Practices for XG Firewall. I found one for UTM but I presume the same advice applies to XG (request routing and all that).
One follow on question I had was - in the aim of avoiding users locally changing their local DNS IP settings, do you recommend as DNS best practice to setup a rule on the XG firewall to allow all tcp/udp on port 53 in/out to our external name servers and then have a rule below that says Block all tcp/udp in/out to all ip addresses on port 53?
Or is there a way for XG to simply forward' people's DNS requests (to your preferred external DNS providers) without them knowing, instead of having the possibility of someone manually configuring DNS and having it just not work.
Thanks
Gerry
This thread was automatically locked due to age.