Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Create a DNS Security Profile

Create a DNS security profile for Domain Generation Algorithm (DGA) detection and tunnel detection.
  1. Select Secure Edge > Security Subscriptions > DNS Security.

    The DNS Security Profile page opens.

  2. Complete the configuration according to the guidelines provided in Table 1.
  3. Click Save.
    Table 1: Fields on the DNS Security Profile Page

    Setting

    Guideline

    DGA detection

    Enable this option for DNS DGA to generate random domain names that are used as rendezvous points with potential command.

    Action

    Specify the action that Juniper Secure Edge must perform when malicious traffic is detected.

    • Permit: Permits the tunnel session.

    • Deny: Drops the tunnel session.

    • Sinkhole: Drops the tunnel sessions and sinkholes the domain.

    Logs

    Select the logging action that Juniper Secure Edge must perform when malicious traffic is detected.

    • Log detections: Generated logs for malicious DNS detections.

    • Log everything: Generates logs for each DNS request and DNS detection.

    Tunnel detection

    Enable this option to detect DNS Tunneling which is a cyber-attack method that encodes the data of other programs or protocols in DNS queries and responses. It indicates that DNS traffic is likely to be subverted to transmit data of another protocol or malware beaconing.

    Action

    Specify the action that Juniper Secure Edge must perform when malicious traffic is detected.

    • Permit: Permits the tunnel session.

    • Deny: Drops the tunnel session.

    • Sinkhole: Drops the tunnel sessions and sinkholes the domain.

    Logs

    Select the logging action that Juniper Secure Edge must perform when malicious traffic is detected.

    • Log detections: Generated logs for malicious DNS detections.

    • Log everything: Generates logs for each DNS request and DNS detections.