DNS Filtering and Botnet Protection 5.4 (Video)


In this video, you will learn how to protect your network from Botnet C&C attacks using the FortiGuard Botnet C&C database feature, and block access to social networking sites using the Static Domain Filter. You will create a new DNS Filter security profile called Botnet&Facebook, block access to all known C&C addresses, and block access to the Social Networking FortiGuard category.

The recipe for this video is available here.

Watch more videos

Adam Bristow

Adam Bristow

Technical Writer at Fortinet
Adam Bristow is a Technical Writer working for the FortiOS technical documentation team. He has a Honours Bachelor of Arts in English and Minor in Film Studies and a graduate certificate in Technical Writing from Algonquin College. Stay tuned for more FortiOS Cookbook videos!
Adam Bristow
  • Was this helpful?
  • Yes   No
  • steph

    Hi, in an environment where the company DNS servers are behind the firewall, can I create the below policy to filter DNS traffic and detetc traffic I want to detect/block ?
    Source: LAN clients
    Destination: DNS servers
    Service: DNS
    DNS filtering: My_DNS_Filtering_Profile
    Action: Allow
    log: Security events

  • steph

    Hi, in an environment where the company’s DNS servers are behind the fortigate, is it possible to create a firewall rule to do the following:
    source: LAN clients
    destination: DNS servers
    services: DNS
    DNS filtering: My_DNS_Filtering_Profile
    log: security events

  • Victoria Martin

    Hi Luca,

    DNS filtering was made available in flow-mode in FortiOS 5.4.2. This video was recorded using an earlier version of the firmware.

  • Matt Glosson

    Is there a way, instead of it returning NXDOMAIN, to have it return an IP address of your choosing? perhaps to a “page blocked” site. That’s much more helpful to the user (and the help desk). Obviously the page blocked site would only help for web requests, but that’s what most people would be doing when thy get run up against a denied name anyway.