ScoutDNS is designed with an object-based configuration model to simplify management and large-scale deployment. In this article, we will explore the various configurable objects and their associations.
Allow/Block List
Allow/Block List Description
Allow/Block Lists are objects that contain allow or block overrides for policy rules. You can create multiple lists, and any list can be set as global. These objects can also inherit organization tags.
Allow/Block List Associations
Allow/Block list are assigned to Policies with flexible assignment options.
You can assign one Allow/Block list to one policy.
You can assign any Allow/Block list to more than one policy.
You can assign multiple Allow/Block list to the same policy.
Policy
Policy Description
Policies are the rulebooks that govern end-user devices.
Policy Associations
Policies are assigned to WANs and LANs within Sites for non-agent-based network devices.
Allow/Block lists are assigned to policies in various configuration scenarios.
Policies are assigned to Profiles for devices with roaming clients.
Organizations
Organization Description
Organizations are container-like objects that group Sites and Profiles together for reporting and tracking related logs. The Organizations tab is enabled by default for MSP accounts and available for Enterprise accounts upon request.
Organization Associations
Organizations are top-level objects to which Sites and Profiles are assigned.
Sites
Site Description
Sites represent physical locations and serve as objects for grouping WAN and LAN networks. WAN Forwarding and LAN Relay deployment options are configured here.
Site Associations
Sites are assigned to Organizations when this tab is enabled.
WANs and LANs are linked to Sites and created within them.
Policies are assigned to WANs and LANs within a Site.
Custom block pages are assigned to WANs within a Site.
Profiles
Profile Description
Device Profiles are container-like objects that group devices with roaming clients under a common policy.
Profile Associations
Profiles are linked to Organizations when this tab is enabled.
Policies are assigned to Profiles.
Block pages are set to Profiles.
Client devices with agents are assigned to a Profile during installation but can be reassigned at any time.
Putting it Together
Here’s an example of how all objects might appear in a particular deployment.