DNS tunneling VPN: Overview
DNS tunneling VPN classifies servers associated with DNS tunneling VPN services under a security category that you can block or allow and report on. These services allow end-users to disguise outgoing traffic as DNS queries, potentially violating acceptable use, data loss prevention, or security policies. As a result, these services present a potential security threat and reduce overall visibility in your environment.
With this security category providing immediate visibility, you can reduce the risk of DNS tunneling and potential data loss. You can block this category outright, or just monitor the results in reports. This gives you the flexibility to choose the right approach to the problem, depending on your risk tolerance and your acceptable use or HR policies.
Turning on DNS tunneling VPN
This security category can be enabled like any other: go to Policies > Security Settings and edit an existing security setting. Alternatively, you can enable it within the policy configuration wizard itself.
This security setting can be found under Prevent, next to other Security Settings, and is set to 'Allow' by default. You can also filter your reports by this category.