Creating Filters in ManageEngine CloudDNS

Creating Filters in ManageEngine CloudDNS

 Filters in ManageEngine CloudDNS   

 
Filters in CloudDNS are essential tools for optimizing and securing network traffic, ensuring users get the best possible experience, and providing businesses with the ability to enforce their operational policies effectively. By utilizing geo filters, ASN filters, and IP filters, network administrators can fine-tune their DNS responses to serve their specific needs and objectives. Filters are a critical component in managing the flow of internet traffic, allowing administrators to route users to different servers or resources, enforce security policies, and improve network performance.

What are the various types of filters available in CloudDNS? 

CloudDNS offers three types of filters to provide granular control over DNS traffic. To enable them:

  • Select the Filters menu from the left menu bar

  • The Filters menu will open up to a page with three tabs: Geo Filters, ASN Filters, and IP filters. Navigate to the filter you want to create or edit.

 Geo Filters 

Geo filters enable DNS responses to be tailored based on the geographic location of the user making the request. This is particularly useful for delivering localized content, managing geo-restrictions, or balancing traffic across multiple data centers. By implementing geo filters, businesses can ensure that users are directed to the server closest to them, thereby reducing latency and potentially improving load times.

 Configuring Geo Filters 

  1. Under the Geo Filters tab, Click on the Add Filter button in the top right corner.


  2. On the Create Geo Filter page, enter a name to identify the filter group.

  3. On the left side of the page, you will see a list of continents. You can expand each continent to see individual countries or select the entire continent. For the Geo filter, select the locations you wish to include in the filter group by clicking on the checkboxes next to the continent names or their sub-regions.
  4. On the right side, under Selected Locations, you'll see the locations you've chosen. This serves as a review panel where you can confirm the locations that will be affected when the Geo filter is associated with a domain.
  5. Save the Filter: Once you have selected the desired locations for the filter group, click the Save button, to create the Geo filter. If you need to make any changes or if you decide not to create the filter at this time, you can click the 'Cancel' button to exit without saving.
  6. After saving, the Geo filter group gets created. However to activate this you will have to associate this geo filter just created to the relevant zone. This will direct the DNS queries for a zone to be processed according to the rules you've set up for the selected geographic locations.

 

  1. For example: Choosing all countries from Africa and Asia into the Geo Filter group would influence all the DNS query traffic to the domain from these geographic locations to a custom IP address rather than the original IPs of the domain.


The first zone you create under a domain name will always be associated with the world-default filter. The world_default is a universal filter that serves all the queries irrespective of their location of origin. For the subsequent zones you add for a domain name, you can customize the filter settings by associating the appropriate filter group.

 ASN Filters 

ASN filters are used to direct or block DNS traffic based on the Autonomous System Number (ASN). which is a unique identifier for each network on the internet.

What are ASNs?

ASNs serve as distinct identifiers assigned to each network on the internet. These identifiers can be either 16-bit numbers, ranging from 1 to 65534, or 32-bit numbers, which range from 131072 to 4294967294. They are typically denoted in the format: AS(AS number for Google : as15169). It's estimated that more than 90,000 ASNs are currently in use across the globe
These filters are useful for targeting or excluding specific networks, such as those owned by particular internet service providers (ISPs) or organizations. ASN filtering can be leveraged for traffic management, security purposes (like blocking malicious networks), or to comply with business agreements and regulations.

 Configuring ASN Filters 

To add an ASN filter:
  • Navigate to the ASN Filters tab
  • Click on the Add Filter button on the top right corner to create an ASN flter group

  • Name the filter group with a unique name for easy identification.

  • Enter the ASN number of each network you intend to target, one-by-one and click Add button for each entry.

  • Click Save to save the configurations.

.

  • After saving, the ASN filter group gets created. However to activate this you will have to associate this ASN filter just created to the relevant zone, This will direct the DNS queries for a zone to be processed according to the rules you've set up for the specific networks.
  • If the queries to your domain is from specific networks as mentioned in the list of networks in the ASN filter group associated with the domain, CloudDNS directs the traffic to custom IP address(es).
 

 

 IP Filters 

IP filters provide the ability to control traffic based on individual IP addresses or ranges of addresses. This type of filtering can be utilized to block or allow DNS queries from certain IP addresses, to create allowlists or blocklists, and to enforce IP-based access control. It is a straightforward method for regulating who can or cannot access certain resources on a network.

Configuring IP Filters 

 

To add an IP filter:

  • Navigate to the IP Filters tab

  • Click on the Add Filter button on the top right corner to create an IP filter group

  • Name the filter group with a unique name for easy identification.

  • Now add the type of IP addresses that the filter group represents, IPv4 or IPv6.

  • Start adding the specific IPs one by one and click add after each entry.

  • Click Save to save the configurations.

 

Info:

You can later edit or delete the configurations for these three types of filters as and when required, just by getting into the Filters menu, choosing the type of filter, and clicking on the edit or delete icon on the extreme right of the filter name.


You can also view the list of domains associated with the filter by clicking on the view icon in the extreme right end of the filter. You can also delete the filter as and when required.


Associating filters with zones

The most important step that you cannot skip is associating the filters you create with the appropriate domains. 
  1. On the Domains page, select the domain name of your choice and click through it to access the various zones under the domain name. 
  2. Now select the respective record or create one for the zone of your choice. 
  3. On the Create/Edit page of the record, navigate to the Filters field and select the suitable filter  to be associated with your zone. 
  4. Click Save to save the configurations. Now the record will be served as response for the clients that fit the criteria defined in the filter group.



When associating with the respective zones, all the named filter groups under the three categories are consolidated and displayed as one single list of filters. Ensure you specify the name of the right filter group while associating the filter with its domain.


Only one filter group of a specific type can be associated with a domain.


 

 

 

 
        New to M365 Manager Plus?
        New to M365 Manager Plus?
          New to RecoveryManager Plus?
          New to RecoveryManager Plus?
            New to Exchange Reporter Plus?
            New to Exchange Reporter Plus?
              New to SharePoint Manager Plus?
              New to SharePoint Manager Plus?
                  See all integrations
                  New to ADManager Plus?

                    New to ADSelfService Plus?

                    Start your free trial

                      • Related Articles

                      • Domain setup in ManageEngine CloudDNS

                        What is a domain? A Domain is a unit of administrative control managed by a dedicated authoritative DNS server that stores authoritative DNS information for that domain. A domain is a unique and human-readable name used to identify a specific ...

                      • Getting Started with ManageEngine CloudDNS

                        Introduction to ManageEngine CloudDNS ManageEngine CloudDNS is ManageEngine's first critical DNS infrastructure management product to enrich your experience in the internet landscape. CloudDNS enables you to effortlessly manage DNS records and ...

                      • DNS records setup in ManageEngine CloudDNS

                        How to create and update DNS records? What is a DNS record? The DNS records (also known as zone files or resource records) are the constituent files of a Zone or a Domain that carry the essential instructions that help the DNS resolver quickly ...

                      • DNS monitoring in ManageEngine CloudDNS

                        DNS monitoring in ManageEngine CloudDNS DNS monitoring in CloudDNS is crucial to ensure the health and performance of your DNS infrastructure. By configuring DNS monitors in CloudDNS, you can keep a constant eye on your DNS servers and records. It is ...

                      • Zone Groups in ManageEngine CloudDNS

                        What is a Zone Group? A Zone group is a quick-curated list of a unique collection of multiple zones that simplifies zone management in CloudDNS. How to create or edit a zone group in ManageEngine CloudDNS? To create a new zone group: Select the ...

                        Related Products