DNS-over-HTTPS

cfts_ea
cfts_ea Posts: 15  Freshman Member
First Anniversary First Comment
edited April 2021 in Security
Is it possible to make the USG series only use secure DNS requests using DNS-over-HTTPS or other? I can find no literature on this matter.

Comments

  • zyman2008
    zyman2008 Posts: 197  Master Member
    First Anniversary 10 Comments Friend Collector First Answer
    I don't think that USG support DOH or DNSSEC now.
    Just interesting that the major purpose for you ?
    Internet access privacy ?
    Preventing DNS attack ? like DNS hijacking(Man-in-the-middle)


  • Zyxel_Cooldia
    Zyxel_Cooldia Posts: 1,426  Zyxel Employee
    First Anniversary 10 Comments Friend Collector First Answer
    edited May 2018
    Hi @cfts_ea,
    It does not support DNS-over-HTTPS at current design.
    As I know, it is draft in IETF, which means documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time.
    Once the standard is changed from draft to final, we will consider if we’ll implement it on device or not.


  • cfts_ea
    cfts_ea Posts: 15  Freshman Member
    First Anniversary First Comment
    edited March 2020

    Sorry took a little while to get back, Google, Cisco and even Microsoft are implementing, so have the situation changes yet for Zyxel, I press this because this has become a serious business requirement and is now considered essential that even if not implement right now that it will be soon.

  • sasch
    sasch Posts: 9
    First Comment
    any news from zyxel?
  • Zyxel_Can
    Zyxel_Can Posts: 342  Zyxel Employee
    Friend Collector First Answer First Comment
    Hi @sasch,

    Thank you for your interesting.
    This feature is in our to be implement queue.

    But so far we don't have detailed schedule yet.

    Best regards.

Security Highlight