Configurable Objects and Their Associations
ScoutDNS is built around object-based configuration to make management and deployment at scale easier. In this article we will explore the different configurable objects and explain their associations.
Allow/Block List
Allow/Block List Description
Allow/Block Lists are objects that contain allow or block overrides to policy rules. You can create many lists and any list can be set to global. These objects can also inherit organization tags.
Allow/Block List Associations
Allow/Block list are assigned to Policies with flexible assignment options.
You can assign one Allow/Block list to One Policy.
You can assign any Allow/Block list to more than one policy.
You can assign multiple Allow/Block list to the same policy.
Policy
Policy Description
Policies are the rulebooks for which end user devices are governed.
Policy Associations
Policies are assigned to WANs and LANs in Sites for non-agent based network devices.
Allow/Block lists are assigned to policy in various configuration possibilities.
Polices are assigned to Profiles for devices with roaming clients.
Organizations
Organization Description
Organizations are a container like object that allows us to group Sites and Profiles together for the purpose of reporting and tracking related logs to an organization. The Organizations tab is enabled for MSPs accounts be default and Enterprise accounts upon request.
Organization Associations
Originations are a top-level object that Sites and Profiles are assigned to.
Sites
Site Description
Sites are meant to represent physical locations and are an object used to group WAN and LAN networks together. WAN Forwarding and LAN Relay deployment options are configured here.
Site Associations
Sites are assigned to Organizations (when this tab is enabled).
WANs and LANs are linked to sites and are created within the site.
Policies are assigned to WANs and LANs within the Site.
Custom Block pages are assigned to WANs within the site.
Profiles
Profile Description
Device Profiles are container like objects that allow us to group devices with roaming clients to common policy control.
Profile Associations
Profiles are linked to Organizations (when this tab is enabled).
Polices are set to Profiles.
Block Pages are set to Profiles.
Client devices with agents are assigned to a profile at installation or can be reassigned at any time after.
Putting it Together
Here is a look at how all objects might look in a particular deployment.
Related Articles
Add System Users - Role Based Access
ScoutDNS supports Role Based Access allowing multiple operators within a single account to access the system. Roles There are three possible roles in any account. Super Admin: One per account. Can create and remove and users. Has access to create, ...Organizations - Configuration and Management of Multi-Tenant Use
ScoutDNS provides two levels of tenancy. The primary inherent level allows any operator to be a member of any number of accounts and could have different roles depending on each account setting. The second level enabled though the Organizations tab ...Configure AD (Active Directory) Polices
ScoutDNS supports policy by user groups as synced from Active Directory. This can be helpful when admins desire policy decisions to follow the user regardless of the device and device profile in use. This guide walks through how ScoutDNS performs the ...Roaming Clients / Device Agents - Setup, Configure, and Manage
ScoutDNS provides device agents for organizations what wish to cover devices with DNS layer protection on and off the network. The ScoutDNS device agent is an extremely lightweight application best installed on managed devices where administrative ...Install ScoutDNS Certificate for Browser HTTPS Errors
When a site or domain is blocked by ScoutDNS, a block page is served to the end user in place of the requested domain. If the requested domain was encrypted with HTTPS, then a security error will occur. In order to resolve this and receive a valid ...