Do we need to add a security policy to allow DNS from LAN to the device when using DNS domain scan?

Zyxel_Cooldia
Zyxel_Cooldia Posts: 1,511  Zyxel Employee
Zyxel Certified Network Administrator - Security Zyxel Certified Sales Associate 100 Answers 1000 Comments
edited November 2023 in Security Service

Question:

In the ZLD series, if we want to enable the DNS content filter, we must create a security policy to allow DNS queries from the LAN to the device. For uOS, do we still need to add a security policy to allow DNS traffic from the LAN to the device when using a DNS domain scan?

Answer:

When the UTM DNS domain scan is enabled, the firewall automatically adds an implicit security policy to allow DNS queries from the LAN to the device. Therefore, there's no need to add a security policy for DNS query from the LAN to the device.