Application Control and DNS Filter

Good day everyone,

I am currently testing out FortiAnalyzer to see what reports we can get out of it.

My current issue is the following.

We are only using a static DNS filter to allow a specific set of domains for a specific client with a wildcard block at the end.

Example:

*google.com allow

*Pikachu.allow

* block

Now I have enabled the default application control security profile on the same policy so that we can get a view of application usage for this client.

All the categories are only set to monitored, does anyone know if this will now over ride the DNS filter and allow applications to talk to the internet? Or will the DNS filter still kick in and only allow what we tell it to allow?

Running FortiOS 6.0.9.

Regards,

Stefan