How To
Configure Entra ID based Policies
ScoutDNS supports policy enforcement by user groups synced from Entra ID (formerly Azure AD). This is useful when admins want policy decisions to follow the user regardless of the device or device profile in use. This guide explains how ScoutDNS ...
Setup and Use Guide for MSPs
ScoutDNS is built for Managed Service Providers (MSPs) to deliver robust DNS protection to their customers and end users. Setup is straightforward, thanks to our object-based configuration approach. Here is a brief outline of what this guide covers. ...
Configure AD (Active Directory) Policies
ScoutDNS supports policy enforcement by user groups synced from Active Directory. This is useful when admins want policy decisions to follow the user regardless of the device or device profile in use. This guide explains how ScoutDNS syncs with ...
Single Sign On (SSO) Configuration - Entra ID
Entra ID SSO Enabling Single Sign On (SSO), allows admins to manage access for their instance through Entra ID SSO. ScoutDNS uses the Open ID Connect (OIDC) protocol for secure commination with Entra ID. SSO will disable all existing ScoutDNS ...
Configure Custom Block Pages
Admins can edit the default block page and create multiple custom block pages for end users. Block pages are rendered through our block page service engine. Custom block pages can be assigned to WANs under Sites and to Roaming Clients on the Profile ...
API Access
API access is available for certain account types, allowing admins to self-manage API tokens for the standard ScoutDNS Operator API. This help article covers the Public Operator API. For access to other APIs, such as the OEM API, please contact ...
2FA/MFA - Two Factor Authentication
Enabling 2FA for your account enhances security for operators accessing your data. ScoutDNS supports token-based 2FA, which can be enforced for all operators with account access. Once enabled, operators must authenticate using a token sent to the ...
Organizations - Configuration and Management of Multi-Tenant Use
ScoutDNS provides two levels of tenancy. The primary inherent level allows any operator to be a member of any number of accounts and have different roles depending on each account's settings. The second level, enabled through the Organizations tab, ...
Roaming Clients / Device Agents - Setup, Configure, and Manage
ScoutDNS provides device agents for organizations that wish to protect devices with DNS-layer security both on and off the network. The ScoutDNS device agent is an extremely lightweight application, best installed on managed devices where ...
Relay - Setup and Configure
ScoutDNS supports a Relay configuration, allowing operators to install a lightweight service within their network. The relay acts as a local forwarding resolver, processing internal queries while forwarding public queries to the ScoutDNS cloud ...
Configuring Notifications
ScoutDNS allows administrators to designate who receives notifications and specify the type of notifications sent and their destinations. This is managed through Notification Profiles. A Notification Profile includes the recipient’s email address and ...
Add System Users - Role Based Access
ScoutDNS supports role-based access, allowing multiple operators within a single account to access the system. This article describes how to configure role-based access directly in ScoutDNS. To configure and manage role-based access from Entra ID ...
Install ScoutDNS Certificate for Browser HTTPS Errors
When a site or domain is blocked by ScoutDNS, a block page is displayed to the end user instead of the requested domain. If the requested domain is encrypted with HTTPS, a security error will occur. To resolve this and display a valid block page for ...
Working with Whitelist and Blacklist
At times, it may be helpful to fully block or allow a domain based on your desired outcome. The White/Black List tab allows you to create and manage custom block and allow lists. You can associate these lists with all policies (global) or assign them ...
Prevent DNS Work-Around for Users
Some users on your network may attempt to bypass ScoutDNS resolvers by changing the DNS servers in their device network settings. This can lead to unauthorized content access on network assets and increase security risks. Fortunately, DNS bypassing ...
Dynamic IP Setup
ScoutDNS supports dynamic DNS IP address integration with most dynamic DNS providers. Popular Dynamic DNS solutions include: No-IP ChangeIP DynDNS FreeDNS Once you have an account with one of these or a similar solution, you can configure ScoutDNS to ...
Quick Start Setup Guide - WAN Forwarding
There are three methods you can use to protect your networks and users with ScoutDNS: 1) WAN Forwarding – This method involves configuring ScoutDNS with your WAN IP address and forwarding DNS queries from inside your network to our anycast resolver ...