ProxySG & Advanced Secure Gateway

 View Only

  • 1.  DNS over https. How does Proxy SG handle it?

    Posted Aug 31, 2019 08:57 AM

    Hi;

    Can Proxy SG recognise this protocol. How to prevent it if needs to be.

     

     

    Kindly

    Wasfi



  • 2.  RE: DNS over https. How does Proxy SG handle it?
    Best Answer

    Posted Sep 01, 2019 02:13 AM
    Hi, DNS over HTTPS is only supported in HTTP2. SGOS 7.1.x only supports HTTP2.


  • 3.  RE: DNS over https. How does Proxy SG handle it?

    Broadcom Employee
    Posted Sep 24, 2019 09:16 AM

    Hi,

     

    So, can we block the DoH in 7.1 and how to do that?

     

    Thanks,

    Regards,

    Gayeth 



  • 4.  RE: DNS over https. How does Proxy SG handle it?

    Broadcom Partner
    Posted Sep 24, 2019 10:34 AM

    Hi,

    DoH wil be supported in 7.2 which is targeted for 2H2019. Now you can try to block MIME types "application/dns-message" (for UDP wireformat) and "application/dns-json" (for JSON format).

    BR,

    Pavel



  • 5.  RE: DNS over https. How does Proxy SG handle it?

    Broadcom Employee
    Posted Sep 24, 2019 12:25 PM

    Thank you Pavel for the quick response! That helped.

    Regards,

    Gayeth