1 Requirements
To enable SecureDNS and protect your whole organization, we need ALL the public IP addresses that are performing DNS queries to the internet. This includes headquarters and all remote offices.
Your organization DNS Servers and firewall must be allowed to communicate with the SecureDNS services.
Contact your account manager if you didn’t receive the details on how to allow the communication.
2 Performing a test query
Before proceeding with the setup, we first validate that the SecureDNS service is reachable from your organization.
A test DNS query will be executed from your internal DNS server to our SecureDNS service.
dig blacklist.secutec.be. @<provided DNS server>
3 Setting DNS forwarders
To add DNS forwarders in a BIND config, open the /etc/named.conf file and add the forwarders in the options {} block.
options {
...
forwarders { <DNS server provided during the call>; <DNS server provided during the call>; };
...
};
Restart the BIND/named service.