Endpoint Protection

  • 1.  How does Smart DNS work?

    Posted Apr 27, 2012 03:00 AM

    My SEP version is 12.1.

    I have already enabled "Smart DNS" in built-in rules of firewall policy.

    But sometimes I can still see in the logs that TCP/UDP port 53 was blocked by the firewall.

    (I disabled the rule "allow all applications".)

    Can someone tell me how Smart DNS works? And do I need to create a rule to allow TCP/UDP 53 even if I enable "Smart DNS"? If I don't need to, should I ignore the logs?

    Thanks a lot.



  • 2.  RE: How does Smart DNS work?
    Best Answer

    Posted Apr 27, 2012 03:08 AM

    A smart traffic filtering option that allows a Domain Name System (DNS) client to resolve a domain name from a DNS server while providing protection against DNS attacks from the network. This option blocks all Domain Name System (DNS) traffic except outgoing DNS requests and the corresponding reply. If a client computer sends a DNS request and another computer responds within five seconds, the communication is allowed. All other DNS packets are dropped. Smart DNS does not block any packets; blocking is done by the normal security rule set.

     

    Allows the outbound DNS requests to and corresponding inbound replies from assigned DNS servers only.

    If a computer sends out a DNS request and the response comes back within five seconds, the communication is allowed. All other DNS packets are dropped.

    If you disable this setting, you must create a firewall rule that allows UDP traffic for remote port 53 (domain) to use DNS.

    This option is enabled by default.
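
The request/reply matching described in the answer above, as an added example that is not part of the original thread and is not Symantec's code. It is a simplified model: the class and function names, the matching key (protocol, local port, server IP) and the sample addresses are assumptions; only the five-second window, port 53 and the "assigned DNS servers only" condition come from the post.

```python
from typing import NamedTuple

REPLY_WINDOW = 5.0   # seconds; the figure quoted in the answer above
DNS_PORT = 53

class Packet(NamedTuple):
    ts: float         # capture time in seconds
    direction: str    # "out" or "in", from the client's point of view
    proto: str        # "udp" or "tcp"
    local_port: int
    remote_ip: str
    remote_port: int

class SmartDnsModel:
    """Hypothetical model: returns "allow" or "rules" (fall through to rule set)."""

    def __init__(self, dns_servers, window=REPLY_WINDOW):
        self.dns_servers = set(dns_servers)
        self.window = window
        self.pending = {}   # (proto, local_port, server_ip) -> request time

    def decide(self, pkt):
        if pkt.remote_port != DNS_PORT:
            return "rules"
        key = (pkt.proto, pkt.local_port, pkt.remote_ip)
        if pkt.direction == "out":
            if pkt.remote_ip not in self.dns_servers:
                return "rules"            # not an assigned DNS server
            self.pending[key] = pkt.ts    # remember the request
            return "allow"
        sent = self.pending.pop(key, None)
        if sent is not None and 0 <= pkt.ts - sent <= self.window:
            return "allow"                # reply to a recent request
        return "rules"                    # late or unsolicited: the rule set decides

def classify(packets, dns_servers):
    model = SmartDnsModel(dns_servers)
    return [model.decide(p) for p in packets]

# Constructed sample traffic (documentation-range addresses, not real logs).
SAMPLE = [
    Packet(0.0, "out", "udp", 50001, "192.0.2.53", 53),   # request
    Packet(0.2, "in", "udp", 50001, "192.0.2.53", 53),    # reply in time
    Packet(10.0, "out", "udp", 50002, "192.0.2.53", 53),  # request
    Packet(16.5, "in", "udp", 50002, "192.0.2.53", 53),   # reply after 6.5 s
    Packet(17.0, "in", "udp", 50003, "192.0.2.99", 53),   # unsolicited
    Packet(18.0, "out", "udp", 50004, "192.0.2.8", 53),   # unassigned server
]
```

In this model, every packet that comes back as "rules" is one that Smart DNS did not match, so whether it is blocked and logged depends on the remaining firewall rules.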

     



  • 3.  RE: How does Smart DNS work?

    Broadcom Employee
    Posted Apr 27, 2012 03:15 AM

    Did you check the firewall rule that is blocking the traffic? Basically, if the SMART DNS is enabled then it will not affect if the firewall is blocking the traffic.



  • 4.  RE: How does Smart DNS work?

    Posted Apr 27, 2012 03:24 AM

    The IP address for which the port is blocked, is it the correct DNS server?

    http://www.symantec.com/business/support/index?page=content&id=TECH161639



  • 5.  RE: How does Smart DNS work?

    Posted Apr 27, 2012 04:19 AM

    Thanks for your answer.



  • 6.  RE: How does Smart DNS work?

    Posted Apr 27, 2012 04:26 AM

    Thanks again. You are a great help to me.



  • 7.  RE: How does Smart DNS work?

    Posted Apr 27, 2012 04:47 AM

    I did not create a rule to block TCP/UDP 53, so SMART DNS can be functional. And actually, the clients have no problem communicating with the DNS server.

    Since SMART DNS is on, TCP/UDP 53 traffic will not be blocked.

    So I am just confused why I can still see in the logs (block all other IP traffic) that some TCP/UDP 53 traffic was blocked.