i need to protect company network from access to dangerous and **bleep** pages.
I am thinking to put fortigate before our recursive dns servers and make filtrations of dns requests that cames to our DNS server from our internal network. Whould it work for dns filtering inthis way?
I dont want put all connectivity thru fg. From that reason i want to put it just as filter before dns server.
Will the the redirect and web filtering work this way? Can i make more profiles for different categories for different recursive servers?
Or it is bad idea to use it in this way?
We are talking about 800 dns requests / sec on total peak... From that reason i am thinking about fortigate 100F. Or it is overkill?