URL Analysis relies on the configuration of a Layer 7 rule to capture the DNS traffic traversing the NSX Edge cluster.
A Layer 7 rule must be configured on all Tier-1 gateways, backed by the NSX Edge cluster for which you want to analyze traffic. The DNS traffic is analyzed to extract the hostname and IP information from the DNS packets. The extracted information is then used to categorize, and score the traffic.
Prerequisites
Procedure
- Navigate to All Shared Rules tab. and check that you are on the
- Click Add Policy to create a policy section, and give the section a name.
- Select the check box next to the policy and click Add Rule.
- Configure the following options:
Option Description Name Name of rule. Source Any Destinations Any Services - DNS-UDP
- DNS
Profiles DNS Applied to Select all of the tier-1 gateways backed by the NSX Edge cluster where URL Analysis is enabled. Action Allow - Click Publish.