ScoutDNS is built for Managed Service Providers (MSPs) to deliver robust DNS protection to their customers and end users. Setup is straightforward, thanks to our object-based configuration approach. Here is a brief outline of what this guide covers.

Want to get into
quick testing for your trial?
Just use the
quick start setup guide to deploy sites or roaming clients for testing. You can reference this guide later for actual tenant deployment.
Setup Overview
- Create Global Objects – Start by defining global policy templates and allow/block lists. These will serve as the foundation for your configurations.
- Add Tenants – In the Organizations tab, name the individual tenants for the businesses you manage.
- Configure Deployments – Create control point objects and assign appropriate settings based on deployment needs:
- Sites for WAN/LAN configurations
- Profiles for roaming client deployments
- Personas for Active Directory (AD) or Entra ID group-based filtering
- Invite Internal (your team) and External (third party/co-managed) system users
Key Assignment Structure
- Non-global Allow/Block are set to individual policies.
- Policies are assigned to networks (Sites), devices (Profiles), or AD/Entra ID user groups (Personas).
Step 1 - Create Global Objects
To get started, we need to create global objects and templates.
Create Global Allow/Block List
Configure Global Allow/Block lists to manage domains you want to control across all policies for all tenants. This is commonly used to ensure your important tools are always allowed even when blocking some application types for added security. We will configure organization or policy specific allow/block lists later.
Create Template or Global Policies
Create Template policies to act as your baseline policies. These can be used as global policies across multiple accounts or can be copied into customer specific policies as needed. We will create organization specific policies later.
Configure default Block Page
Step 2 - Add Tenants
ScoutDNS is a multi-tenant platform that enables easy segmentation for deployments, management, and reporting while still providing global-level visibility and control when needed. Use the tenant selector at the top right to toggle between All Organizations or a specific organization. Your selection will adjust the view of any tab or object accordingly.
From All Org View
The Organizations tab itself is only available from the All Organizations view. Start here to create your organizations/tenants.
Create Organization
Create organization based custom block pages (if needed)
From Tenant/Org View
You can create any object from the All Organizations view; however, doing so requires manually linking key objects like profiles and sites to their respective organizations, as there is no automatic way to determine which tenant they belong to. A better approach is to first select the organization from the tenancy selector and then create objects within that specific organization's view. This ensures the object is automatically linked to the organization and applies organization tags to policies, allow/block lists, and other relevant objects. This is important because it enables external Organization Operator Managers to edit these objects.
Create customer specific allow/block list (if needed)
Create Organization specific polices (if needed, can be copied from templates)
Create customer specific policies. Otherwise, you can just assign your global policies/template as desired.
You can create and configure deployments based on what and how you want to filter.
Create/Deploy Sites
Configure sites to set DNS at the WAN or LAN network levels at office or site locations. This is great for BYOD/guest users, headless devices, or any other devices that will not be using the roaming clients.
Create/Deploy Roaming Clients
Create/Deploy User/Group based polices (if desired)
Configure Personas if you need to set different content policies based on end user groups as defined in Active Directory or Entra ID.
Step 4 - Invite Internal and External Users
Invite Internal Users
ScoutDNS provides role-based access for your internal teams. You can manage your team's access direct in ScoutDNS, or within Entra ID.
Or
Invite External Users (Org Operators)
Org Operates are external third-party users with limited access rights that are assigned on a per organization level. This is mainly used for co-managed IT environments.
You will need to ensure any configurable objects that you wish for Org Operators to edit have organization tags.
Create and assign roles within the Access Management tab.
You can monitor platform notices and subscribe to updates from our status page located:
status.scoutdns.com.
Subscribe to receive notifications about systemwide issues and maintenance windows for major releases and updates.