To group together the types of DNS tunnels and other web applications that you want to control in a DNS Control rule, create a DNS Application Group. To learn more, see About DNS Application Groups.

To create a group:

1. Go to Policies > Access Control > Firewall > DNS Application Group.
2. In the DNS Application Group tab, click Add DNS Application Group.
3. Enter a Name for the application group. It can have a maximum of 255 characters and can include any standard characters, including spaces.

4. Add DNS Tunnels & Network Apps to the rule. Click the down arrow and select any number of tunnels and applications that you want to include in the group. You might create a group to include DNS tunnel methods and web applications that should be allowed for some users, while another could include tunnel methods that are blocked for all users. Click the category name to include all the tunnels or applications in a category. When you are finished, click Done.

   See image.

   

   Close

5. (Optional) Enter a Description to add any additional notes or information. The description cannot exceed 10,240 characters.
6. Click Save and activate the change. After saving and activation, the DNS Application Groups are available for use when creating DNS Filtering rules. They will enable you to Allow or Block the types of traffic that you have identified in your group.