browse
Introduction
After introducing our SIG solution, we have added the concept of the External domain list. In this article, we will explain the difference between the internal domains list and the external domains list.
Internal Domain list
For all the domains that are added to the Internal domain list, the DNS queries are sent through the local network's DNS servers. These domains will be bypassing the Roaming devices and the Virtual appliances to resolve using the configured DNS on the machine. This will also bypass the Umbrella DNS layer. The Umbrella dashboard admin won't be able to see the DNS record under the dashboard.
External Domain list
All the domains that are added to the External domain list will be bypassing the SWG, and the domain will not be proxied. The External domain list will bypass the Umbrella proxy layer. The External domain list will be applied only to the Hosted PAC, AnyConnect devices. The Umbrella dashboard admin won't be able to see the Web record under the dashboard.
Caveats
Domains listed in the Internal Domain List will bypass both the DNS Layer Protection and SWG Proxy.
Domains listed in the External Domain List do not bypass the DNS Layer Protection only the SWG Proxy.
Recommendation
You should only add the domains that are trusted since this will bypass a layer of the Umbrella protection depend on the list you added the domain to.