DNS-over-HTTPS

cfts_ea
cfts_ea Posts: 8
First Comment Second Anniversary
 Freshman Member
edited April 2021 in Security
Is it possible to make the USG series only use secure DNS requests using DNS-over-HTTPS or other? I can find no literature on this matter.

Comments

  • zyman2008
    zyman2008 Posts: 158
    25 Answers First Comment Friend Collector Fifth Anniversary
     Master Member
    I don't think that USG support DOH or DNSSEC now.
    Just interesting that the major purpose for you ?
    Internet access privacy ?
    Preventing DNS attack ? like DNS hijacking(Man-in-the-middle)


  • Zyxel_Cooldia
    Zyxel_Cooldia Posts: 1,052
    Zyxel Certified Network Administrator - Security Zyxel Certified Sales Associate 50 Answers 1000 Comments
     Guru Member
    edited May 2018
    Hi @cfts_ea,
    It does not support DNS-over-HTTPS at current design.
    As I know, it is draft in IETF, which means documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time.
    Once the standard is changed from draft to final, we will consider if we’ll implement it on device or not.


  • cfts_ea
    cfts_ea Posts: 8
    First Comment Second Anniversary
     Freshman Member
    edited March 2020

    Sorry took a little while to get back, Google, Cisco and even Microsoft are implementing, so have the situation changes yet for Zyxel, I press this because this has become a serious business requirement and is now considered essential that even if not implement right now that it will be soon.

  • sasch
    sasch Posts: 9
    First Comment
    any news from zyxel?
  • Zyxel_Can
    Zyxel_Can Posts: 342
    5 Answers First Comment Friend Collector
     Zyxel Employee
    Hi @sasch,

    Thank you for your interesting.
    This feature is in our to be implement queue.

    But so far we don't have detailed schedule yet.

    Best regards.

Security Highlight