About DNSWatchGO Client
DNSWatchGO Client is an application that you install on portable computers that leave your network, such as employee laptops. The client simultaneously forwards DNS requests to the DNSWatch servers and the upstream DNS resolvers. DNSWatch servers compare the requested domain to the lists of malicious domains in the Domain Feed and to domains in filtered categories.
If the requested domain is not on the known malicious domains list or on the filtered domains list, the requested content appears.
If the domain is a known threat or filtered content:
- DNSWatchGO Client returns the block page content.
- If the requested content links to a malicious domain, DNSWatch gathers more information about the threat.
When a computer is connected to your network, your network policies and protections take priority over DNSWatchGO settings.
DNSWatchGO over VPN
DNSWatchGO is compatible with most split tunnel VPNs. DNSWatchGO is fully compatible with these WatchGuard Mobile VPN types:
DNSWatchGO Client Process
As part of the DNSWatchGO Client installation, all Internet Protocol (IP) enabled adapters on the host computer have their DNS servers configured to localhost. The original configured DNS settings are saved in the DNSWatchGO Client as the upstream DNS servers.
The DNSWatchGO Client listens on localhost port 53 (both TCP and UDP) and intercepts DNS requests. When it receives a request. DNSWatchGO Client:
- Sends a query to DNSWatch to determine if the domain is blocked.
- Sends a request for the IP address of the domain to the upstream DNS servers, based on the original DNS server configuration on the host (dynamic or manually configured DNS servers).
After DNSWatch sends the response:
- If the response is block or filter, the DNSWatchGO Client returns the block page.
- If the response is Allow or Whitelist, the DNSWatchGO Client returns the requested content provided by the upstream DNS server.