Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Enable DNS DGA Detection

To enable DNS DGA detections on SRX Series Firewalls:

  1. Configure the security-metadata-streaming policy.

    Configure DNS sinkhole if the action is set as sinkhole. See Configure DNS Sinkhole.

  2. Configure dga option at [edit services security-metadata-streaming policy dns_policy dns detections] hierarchy level.

  3. Attach the security-metadata-streaming policy to a security firewall policy at zone-level.

    set security policies from-zone zone-name to-zone zone-name application-services security-metadata-streaming-policy dns_policy

  4. Commit the configuration.

Use the show services security-metadata-streaming dns statistics command to view the DNS statistics of security metadata streaming policy.

Use the show services dns-filtering cache command to view the details within the DNS cache.

Note:

DNS DGA detection is supported on Junos OS 21.2R1 and later releases.