Protective DNS Log Push Training Video
The video walks users through configuring Protective DNS log push, emphasizing a one‑time account upgrade for organizations onboarded before April 2023. It outlines the feature’s capacity to create up to four direct pushes to either an AWS S3 bucket or a Splunk instance, delivering raw resolver logs in under a minute with files containing up to 100,000 records. Key insights include the absence of source‑set or policy metadata in the raw logs, requiring administrators to use the provided crosswalk tables to map IDs after ingestion. The process is automated, contrasting with scheduled extracts, and supports rapid, continuous log streaming. The tutorial details the UI navigation—selecting the Resolver Logs tab, reviewing the log‑push table, and using the Connect a Service button. For S3, users must supply job name, AWS access key, secret, bucket path, region, endpoint URL, and complete an ownership‑token verification. For Splunk, required fields include collector URL, channel ID, URL‑encoded auth token, source type, and a verification token, with similar enable‑and‑save steps. By enabling near‑real‑time DNS log delivery, security teams can integrate data directly into SIEMs or data lakes, accelerating threat detection and response. However, the need for internal IT coordination and post‑push metadata mapping adds operational overhead that organizations must plan for.
Protective DNS Alert Set Training Video
The video walks through configuring alert sets within the Protective DNS Resolver management console, detailing both DNS event alerts and system event alerts for organizations. DNS event alerts trigger when queries match CISA‑global or agency‑specific filtering policies, allowing allow, block, or...
Protective DNS Authorized Sources Training Video
The video explains how to authorize sources to route traffic to a Protective DNS resolver, a required step before configuring internal destinations. Authorized sources are individual IP addresses (IPv4, IPv6, or SSE providers) grouped into logical "source sets" that reflect...
Protective DNS Policy Configuration Training Video
Protective DNS’s Policy Editor lets organizations create, manage and customize DNS filtering rules that sit at an upstream resolver for roaming and mobile devices. Policies exist at two levels—global (CISA-managed) and organizational—and can be static (rule-based) or dynamic (threat-feed driven),...
Protective DNS Resolver Log Training Video
Protective DNS’s Resolver Logs feature lets organization users with reporting roles preview, filter, download and schedule full DNS query extracts from the management dashboard. Users can filter by source set, authorized source, policy, record type, name and time range, preview...
Protective DNS User Management Training Video
The video walks through user management in the Protective DNS management application, showing how managers add organizational users, assign roles, and control access. By default new users receive read-only access to dashboards, policies, threat analysis and organization info; additional roles...
