Allow or Block DNS Resolution on CIDR Blocks

Allow or Block DNS Resolution on CIDR Blocks

When to block and allow networks

Use the network block list and allow list functionality to make granular block and allow settings in a Securd security policy.

Block and allow options
  1. Block site at the network level – Records resolving to a network will be immediately blocked no additional processing.
  2. Allow site at the network level – Allow hosts or domains resolving to a network to never be blocked and override all security policy settings.
Step 1: Review your security policy

In the Securd policy editor, administrators need to be familiar with the active allow/block policies lists that are mapped to a security policy. Modifying the policy lists will be immediately applied to policy that  is mapped to your sites, agents and browser deployment.

Step 2: Choose a block or allow list to modify

Chose network list that you want to edit. Allow lists are highlighted in green. Block lists are highlighted in red. You can also create a new list if you chose. Make sure the new list is mapped to a policy as in Step 1.

Step 3: Add networks to your block or allow list

In the policy list editor, add a CIDR block that you wish to block or allow. In this example, we will block access to 111.222.333.0/24. Since the policy is mapped to your default security policy (as displayed in Step 1), when you hit “Save” the all domains with records on 111.222.333.0/24 will be immediately start to be blocked.

Step 4: Verify block or allow by visiting a domain pointed to the network

To verify your policy list change, browse to a domain with a record on 111.222.333.0/24 . Instead of being able to access the domain, you will be presented a Securd block page. The block page will also have a reason displayed why the page was blocked.

    • Related Articles

    • Allow or Block DNS Resolution to Domains

      When to block and allow sites Use the block list and allow list functionality to make granular block and allow settings in a Securd security policy. Block and allow domain options Block site at the hostname, domain or tld level – Blocked hosts or ...
    • Implicit Deny ALL for DNS Resolution

      The principle of least privilege (PoLP), also known as the principle of minimal privilege or the principle of least authority, requires a process or function must be able to access only the information and resources that are necessary for its ...
    • Managing Custom Block Pages

      What is a Block Page? A common feature in a DNS security or web security solution is a block page. If a user attempts to access a blocked resource through a web browser, the security solution redirects the user to a hosted block page. Instead of ...
    • How to Use Securd to Block Access Russia's .ru, .su, and .рф Domains.

      You can used Securd block DNS resolution to any Russian host name, domain or top-level domain. There are three types of Russian top-level domains .ru is the Latin alphabet Internet country code top-level domain (ccTLD) for Russia. .рф is the Cyrillic ...
    • An Example of How the Greywall Blocks a Phishing Threat

      The Securd Greywall reduces risk by limiting unwitting end-users from temporarily interacting with domains, hostnames, and URLs with zero histories, reputation, or generated by an algorithm. Here is an example how it prevents a user from unwittingly ...