This knowledge base page overviews the two specific deployment types you can configure to use the CyberFOX DNS service: Static Locations and Roaming Devices. Each deployment type has its unique configuration and use cases, ensuring your network's flexibility and security.

Static Locations

You only need to follow a few straightforward steps to set up CyberFOX DNS filtering for a location. Static locations are tied to physical IP addresses, and IP-based policies are used to manage DNS requests. This setup is ideal for offices, data centers, or any fixed locations where devices connect to a specific network. It provides straightforward network protection without the need to secure devices outside this network. This configuration offers general, non-specific reporting by location and is particularly useful when you cannot control the user’s endpoint or install software, such as with guest Wi-Fi. You can still enforce filtering policies even without control over the device.

To configure this, you need to modify the DNS forward settings on your network. Direct the DNS requests to one of our IPs: 166.117.75.142 or 166.117.157.16. This adjustment can be made at the firewall, router, or modem level, depending on what manages your outbound traffic. By following these steps, you can ensure that a portion or all of your network devices are filtered through the CyberFOX DNS Filtering service, providing enhanced security and control over your network.

 

Roaming Devices

Roaming devices are designed to move seamlessly between networks while utilizing DNS over HTTPS (DoH), DNS over TLS (DoT) or our Agent for secure DNS queries. This deployment type is ideal for laptops, mobile devices, and any other devices that require secure DNS resolution, regardless of their physical location. It ensures that your devices remain protected whether they are in the office, at home, in an airport, or anywhere else, while providing specific reporting for each device or user.

Administrators can assign specific policies to a device or user, ensuring that these policies follow them wherever they go, regardless of which device they use. There are two main options for configuring devices: using DoH, DoT, or our Roaming Client software. DNS over HTTPS and DNS over TLS secure DNS queries by encrypting the DNS traffic, ensuring privacy and security across different networks. Alternatively, the Roaming Client software can be installed on devices to manage DNS requests and enforce policies directly. This software is particularly beneficial for devices that frequently switch between different networks.

We provide detailed instructions for setting up DNS over HTTPS and DNS over TLS on Windows, Linux, macOS, Android, and iOS devices. Roaming Clients for Windows can be deployed using Remote Software Management and Monitoring tools (RMMs) such as Microsoft Intune (Microsoft Endpoint Manager) or installed on a per-device basis. This flexibility enables efficient and scalable management of secure DNS resolution across various devices and locations.