Configurable Objects and Their Associations
ScoutDNS is designed with an object-based configuration model to simplify management and large-scale deployment. In this article, we will explore the various configurable objects and their associations.
Allow/Block List
Allow/Block List Description
Allow/Block Lists are objects that contain allow or block overrides for policy rules. You can create multiple lists, and any list can be set as global. These objects can also inherit organization tags.
Allow/Block List Associations
Allow/Block list are assigned to Policies with flexible assignment options.
You can assign one Allow/Block list to one policy.
You can assign any Allow/Block list to more than one policy.
You can assign multiple Allow/Block list to the same policy.
Policy
Policy Description
Policies are the rulebooks that govern end-user devices.
Policy Associations
Policies are assigned to WANs and LANs within Sites for non-agent-based network devices.
Allow/Block lists are assigned to policies in various configuration scenarios.
Policies are assigned to Profiles for devices with roaming clients.
Organizations
Organization Description
Organizations are container-like objects that group Sites and Profiles together for reporting and tracking related logs. The Organizations tab is enabled by default for MSP accounts and available for Enterprise accounts upon request.
Organization Associations
Organizations are top-level objects to which Sites and Profiles are assigned.
Sites
Site Description
Sites represent physical locations and serve as objects for grouping WAN and LAN networks. WAN Forwarding and LAN Relay deployment options are configured here.
Site Associations
Sites are assigned to Organizations when this tab is enabled.
WANs and LANs are linked to Sites and created within them.
Policies are assigned to WANs and LANs within a Site.
Custom block pages are assigned to WANs within a Site.
Profiles
Profile Description
Device Profiles are container-like objects that group devices with roaming clients under a common policy.
Profile Associations
Profiles are linked to Organizations when this tab is enabled.
Policies are assigned to Profiles.
Block pages are set to Profiles.
Client devices with agents are assigned to a Profile during installation but can be reassigned at any time.
Putting it Together
Here’s an example of how all objects might appear in a particular deployment.
Related Articles
Setup and Use Guide for MSPs
ScoutDNS is built for Managed Service Providers (MSPs) to deliver robust DNS protection to their customers and end users. Setup is straightforward, thanks to our object-based configuration approach. Here is a brief outline of what this guide covers. ...Organizations - Configuration and Management of Multi-Tenant Use
ScoutDNS provides two levels of tenancy. The primary inherent level allows any operator to be a member of any number of accounts and have different roles depending on each account's settings. The second level, enabled through the Organizations tab, ...Add System Users - Role Based Access
ScoutDNS supports role-based access, allowing multiple operators within a single account to access the system. This article describes how to configure role-based access directly in ScoutDNS. To configure and manage role-based access from Entra ID ...Install ScoutDNS Certificate for Browser HTTPS Errors
When a site or domain is blocked by ScoutDNS, a block page is displayed to the end user instead of the requested domain. If the requested domain is encrypted with HTTPS, a security error will occur. To resolve this and display a valid block page for ...Configure AD (Active Directory) Polices
ScoutDNS supports policy enforcement by user groups synced from Active Directory. This is useful when admins want policy decisions to follow the user regardless of the device or device profile in use. This guide explains how ScoutDNS syncs with ...