This article explains how Barracuda Content Shield (BCS) DNS Filtering can integrate with Barracuda Forensics & Incident Response to better protect your users from receiving malicious or suspicious emails.
After you have set up your BCS account, you can configure Barracuda Forensics & Incident Response to work together with BCS on incident remediation. To do so, in your Barracuda Forensics & Incident Response account, enable the Block all user web traffic for domains contained in links feature (see Creating an Incident). This action creates new exceptions that block web traffic from the domains contained in incident email for every DNS Location you have configured in BCS (see the DNS Filtering page). These new BCS exceptions will be labeled as having been created by Barracuda Forensics & Incident Response.
If you have already created a policy or policies on the DNS Filtering page, edit the existing policy for each DNS Location by clicking Categories in the table.
- In the Categories screen of the Add Location wizard, select the following categories from the Security section, which Barracuda recommends for the default policy to integrate with your Barracuda Forensics & Incident Response service.
- Malicious Sites
- Phishing & Fraud
- Spam
- Spyware
- Suspicious Sites
- Click Next.
- Continue with the wizard, creating exceptions as needed. See How to Configure DNS Filtering Policies for more detail
If you are creating a new DNS Location, following instructions in the Configure a New Filtering Policy For a Network section of How to Configure DNS Filtering Policies and incorporate the steps below.
- In the Categories screen of the Add Location wizard, in the Category Policy drop-down, select Custom. This clears all categories.
- Next, select the following categories from the Security section, which Barracuda recommends for the default policy to integrate with your Barracuda Forensics & Incident Response service. Then click Next.
- Malicious Sites
- Phishing & Fraud
- Spam
- Spyware
- Suspicious Sites
- Continue with the wizard, creating exceptions as needed. See How to Configure DNS Filtering Policies for more detail.