Understanding iPrism DNS Lookups

iPrism can use DNS for several tasks:

  - name resolution to find Internet servers (i.e., web surfing targets)

  - name resolution to find St. Bernard Software IUS Servers for filter-list and product updates

  - name resolution to find iPrism for authenticating Transparent-Mode Auto-Login clients

  - reverse name resolution to support iPrism Anti-Spoofing

iPrism v4.2

In iPrism v4.2 and later, iPrism will fall back to the root DNS name servers (on the Internet) for name lookup services if the current iPrism DNS servers stop responding or fail. This helps ensure uninterrupted name resolution. DNS Fallback is enabled by default for new v4.2 installations. Users who upgrade from prior versions need to enable DNS Fallback with the highlighted checkbox below.

Go to:

Appliance Manager > System Configuration > System > Networks tab

Name Resolution

Proxy-Mode relies on iPrism DNS lookups to perform URL name resolution. This can be done by iPrism itself, or by DNS servers configured in the "Networks Tab > Forwarders Field"; see:

Can I specify multiple DNS servers in iPrism?

Bridge-Mode relies on client DNS lookups to perform client URL request name resolution, off-loading iPrism. However, iPrism must still be configured for DNS lookups for resolving hostname/URL references to the St. Bernard Software update servers, for example. In summary, DNS services should always be configured in iPrism.

With Transparent-Mode Auto-Login enabled, when a user makes a URL request, they authenticate via iPrism before accessing the target web site. If there is no DNS A record for iPrism, hostname resolution for iPrism fails "behind the scenes", returning the message "Page cannot be Displayed". This makes it appear to the user that they cannot get to their originally requested web site, but in reality they are failing to authenticate using iPrism. See:

How do I setup a DNS A record for iPrism

For more information on setting up Transparent-Mode Auto-Login, see:

How do I enable Auto-Login?

Reverse Name Resolution

Reverse name resolution is used to support Hostname-to-IP Anti-Spoofing measures; see:

How do I Disable or Configure Host-to-IP Anti-Spoofing?
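
The A record that Auto-Login needs and the reverse records that Anti-Spoofing relies on can be checked together before either feature is enabled. The script below is an added example, not St. Bernard Software code: the hostnames, the 192.0.2.x addresses and the function names are constructed, and which hosts need PTR records in a given network is an assumption that depends on the Anti-Spoofing configuration.

```python
import socket

def system_forward(name):
    """IPv4 addresses the local resolver returns for name (empty set if none)."""
    try:
        return set(socket.gethostbyname_ex(name)[2])
    except OSError:          # gaierror: name does not resolve
        return set()

def system_reverse(ip):
    """PTR hostname for ip, or None when no reverse record exists."""
    try:
        return socket.gethostbyaddr(ip)[0]
    except OSError:          # herror: no PTR record
        return None

def check_host(name, expected_ip, forward=system_forward, reverse=system_reverse):
    """Return a list of problems; an empty list means A and PTR records agree."""
    problems = []
    addrs = forward(name)
    if not addrs:
        problems.append(f"no A record for {name}")
    elif expected_ip not in addrs:
        problems.append(f"A record for {name} is {sorted(addrs)}, expected {expected_ip}")
    ptr = reverse(expected_ip)
    if ptr is None:
        problems.append(f"no PTR record for {expected_ip}")
    elif ptr.rstrip(".").lower() != name.rstrip(".").lower():
        problems.append(f"PTR for {expected_ip} is {ptr}, expected {name}")
    return problems

# Constructed sample zone so the example runs offline.
SAMPLE_A = {"iprism.example.test": {"192.0.2.10"},
            "pc17.example.test": {"192.0.2.57"}}
SAMPLE_PTR = {"192.0.2.10": "iprism.example.test"}   # pc17 has no PTR record

def sample_forward(name):
    return SAMPLE_A.get(name, set())

def sample_reverse(ip):
    return SAMPLE_PTR.get(ip)

if __name__ == "__main__":
    hosts = [("iprism.example.test", "192.0.2.10"), ("pc17.example.test", "192.0.2.57")]
    for name, ip in hosts:
        problems = check_host(name, ip, sample_forward, sample_reverse)
        print(name, "OK" if not problems else "; ".join(problems))
```

Calling check_host with only a hostname and address uses the system resolver, so it should be run from a machine that queries the same DNS servers as the clients.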

Mail Exchange Resolution

iPrism uses the SMTP protocol to support sending or receiving, via email:

By default, iPrism will perform a DNS (MX record) lookup to deliver these emails. If iPrism is installed in a network where a DNS server is not available or DNS MX record lookups are to be avoided, and a Mail Server or SMTP Smarthost can be directly contacted by IP address, the IP can be configured; see:

How do I specify an SMTP Relay (Mail Server or Smarthost)