Set up DNS filtering
Secure Web Gateway allows you to inspect DNS traffic and control which websites users can visit.
1. Connect to Gateway
To filter DNS requests from an individual device such as a laptop or phone:
- on your device.
- In the WARP client Settings, log in to your organization’s .
- (Optional) If you want to display a , on your device .
Connect DNS locations
To filter DNS requests from a location such as an office or data center:
- to your Zero Trust settings.
- On your router, browser, or OS, forward DNS queries to the address shown in the location setup UI.
2. Verify device connectivity
- In , go to Settings > Network.
- Under Gateway logging, enable activity logging for all DNS logs.
- On your device, open a browser and visit any website.
- In Zero Trust, go to Logs > Gateway > DNS.
- Make sure you see DNS queries from your device.
3. Add recommended policies
To create a new DNS policy, go to Gateway > Firewall Policies > DNS in Zero Trust. We recommend adding the following policy:
Block all security categories