Configurable Objects and Their Associations

Configurable Objects and Their Associations

ScoutDNS is designed with an object-based configuration model to simplify management and large-scale deployment. In this article, we will explore the various configurable objects and their associations.

Allow/Block List

Allow/Block List Description

Allow/Block Lists are objects that contain allow or block overrides for policy rules. You can create multiple lists, and any list can be set as global. These objects can also inherit organization tags. 

Allow/Block List Associations

Allow/Block list are assigned to Policies with flexible assignment options. 

You can assign one Allow/Block list to one policy.




You can assign any Allow/Block list to more than one policy.



You can assign multiple Allow/Block list to the same policy. 




Policy

Policy Description

Policies are the rulebooks that govern end-user devices.

Policy Associations

Policies are assigned to WANs and LANs within Sites for non-agent-based network devices.



Allow/Block lists are assigned to policies in various configuration scenarios.


Policies are assigned to Profiles for devices with roaming clients.



Organizations

Organization Description 

Organizations are container-like objects that group Sites and Profiles together for reporting and tracking related logs. The Organizations tab is enabled by default for MSP accounts and available for Enterprise accounts upon request.

Organization Associations

Organizations are top-level objects to which Sites and Profiles are assigned.



Sites

Site Description

Sites represent physical locations and serve as objects for grouping WAN and LAN networks. WAN Forwarding and LAN Relay deployment options are configured here. 

Site Associations

Sites are assigned to Organizations when this tab is enabled.



WANs and LANs are linked to Sites and created within them.



Policies are assigned to WANs and LANs within a Site.


Custom block pages are assigned to WANs within a Site.



Profiles

Profile Description

Device Profiles are container-like objects that group devices with roaming clients under a common policy.

Profile Associations

Profiles are linked to Organizations when this tab is enabled.



Policies are assigned to Profiles.



Block pages are set to Profiles.


Client devices with agents are assigned to a Profile during installation but can be reassigned at any time.



Putting it Together

Here’s an example of how all objects might appear in a particular deployment.





    • Related Articles

    • Setup and Use Guide for MSPs

      ScoutDNS is built for Managed Service Providers (MSPs) to deliver robust DNS protection to their customers and end users. Setup is straightforward, thanks to our object-based configuration approach. Here is a brief outline of what this guide covers. ...
    • Organizations - Configuration and Management of Multi-Tenant Use

      ScoutDNS provides two levels of tenancy. The primary inherent level allows any operator to be a member of any number of accounts and have different roles depending on each account's settings. The second level, enabled through the Organizations tab, ...
    • Add System Users - Role Based Access

      ScoutDNS supports role-based access, allowing multiple operators within a single account to access the system. This article describes how to configure role-based access directly in ScoutDNS. To configure and manage role-based access from Entra ID ...
    • Install ScoutDNS Certificate for Browser HTTPS Errors

      When a site or domain is blocked by ScoutDNS, a block page is displayed to the end user instead of the requested domain. If the requested domain is encrypted with HTTPS, a security error will occur. To resolve this and display a valid block page for ...
    • Configure AD (Active Directory) Polices

      ScoutDNS supports policy enforcement by user groups synced from Active Directory. This is useful when admins want policy decisions to follow the user regardless of the device or device profile in use. This guide explains how ScoutDNS syncs with ...