How to block DNS by categories?

WilliamMS 1 Reputation point
2020-11-08T05:40:29.843+00:00

Hello everyone,

I have read through this URL: https://learn.microsoft.com/en-us/powershell/module/dnsserver/add-dnsserverqueryresolutionpolicy?view=win10-ps as DNS PowerShell script to block and filter query from users.

But I couldn't find my answer anyway,

My local DNS scenarios:

  • I create local DNS server 2016
  • All domain user have been using that DNS as primary

Now I want:

  • I want to block all users from accessing website by categories like Social Media, Job Portal
  • I want to allow only HR computer IP address to be able assessible HR portal
  • I want to allow only Marketing computer IP address to be able assessible Facebook

Please anyone could help me out or some suggestion I would really thank in advance.

Windows DHCP
Windows DHCP
Windows: A family of Microsoft operating systems that run across personal computers, tablets, laptops, phones, internet of things devices, self-contained mixed reality headsets, large collaboration screens, and other devices.DHCP: Dynamic Host Configuration Protocol (DHCP). A communications protocol that lets network administrators manage centrally and automate the assignment of Internet Protocol (IP) addresses in an organization's network.
1,021 questions

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Dave Patrick 426K Reputation points MVP
    2020-11-08T14:14:34.02+00:00

    There are no windows processes to do this natively. Your local DNS server has no knowledge of public DNS and or categories like Social Media, Job Portal. You may need to look for a third party product to accomplish your task.

    --please don't forget to Accept as answer if the reply is helpful--

    0 comments
  2. Gloria Gu 3,891 Reputation points
    2020-11-09T06:14:28.513+00:00

    @WilliamMS Hi,

    Thank you for posting in Q&A!

    According to my research, it seems can be achieved by configuring DNS policy based on your requirements.

    DNS Policies are a new feature in Windows Server 2016 that allow administrators to determine how DNS servers respond to client queries, based on several factors, including the client’s location, the time of day, transport protocol, etc. Currently, DNS Policies can only be configured via PowerShell.

    For more details about how to configure DNS policy, please refer to:
    https://petri.com/windows-server-2016-apply-filters-dns-queries
    http://innovativeii.com/windows-server-2016-dns-policies/
    https://learn.microsoft.com/en-us/windows-server/networking/dns/deploy/dns-policies-overview

    Hope you have a nice day!
    Gloria

    ============================================

    If the Answer is helpful, please click "Accept Answer" and upvote it.
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
    https://learn.microsoft.com/en-us/answers/articles/67444/email-notifications.html