DNS-AS setup includes configuration steps on the local DNS server(s) and routers within the enterprise network.
Local DNS servers are configured with the classification information for specific “trusted domain” sites/applications. This enables a network administrator to control how a network handles traffic for these local, server-based applications – for example, those used in an enterprise intranet.
Routers are configured to detect DNS traffic for the “trusted domains” (sites/applications) controlled by DNS-AS.
Propagating Classification Information
When configuration is complete, the DNS servers can provide classification information for the “trusted domain” applications.
When a client in the network makes a DNS request, the DNS response is sent as usual. If the request relates to a “trusted domain” application, the router then queries the local DNS server about the application. The DNS server sends the router the network address data and the relevant classification information.