Apps Breakdown 90% DNS

[SuperMiguel]

I have like 10 cameras that are just making DNS requests like there is no tomorrow, so 90% of my app breakdown are dns request from this cameras. The firewall rules for that VLAN are block all, but i guess DNS requests still making it to Zenarmor, should i just delete that VLAN from the Zenarmor list? or is there a way to get rid of all them requests. Thanks!

[dinguz]

This happens probably because the default view in the dashboard displays the number of Sessions. Because DNS is UDP based, with lots of small packets, and every packet is a session, these numbers rise quite fast, giving a skewed view.
If you change the view to Volume, it gives a better impression of the amount of traffic, and the distribution thereof. You'll probably come to the conclusion that this is nothing to worry about.

[SuperMiguel]

Is there a way to block all of these requests? so they dont show?

[Taunt9930]

Is there a way to block all of these requests? so they dont show?

Add a filter, surely?

[sy]

Hi,

Do you want to block them or just hide them from the reports?

[SuperMiguel]

Block them, These are PoE cameras that dont have internet access and shouldnt make any DNS requests...

I added firewall rules to reject All IN/Out traffic from this VLAN, but still making it to Sensei, I click the block button on Sensei and they still show as blocked

I got tired of it one day and even removed the vlan from sensei and added the vlan to the  Exempted VLANs & Networks  and they still show... So not sure whats going on...

[sy]

Hi,

Can you share a bug report? They shouldn't be shown if you added in Exempted VLAN and Network.