Dualog Protect - Get started

INTRODUCTION

Dualog Protect stops most malware, ransomware, trojan, and phishing attempts, ultimately blocking unsafe or suspicious internet resources before any harm is done by monitoring all activity at the DNS-level. The service is easy to set up and configure to your requirements for what types of content you wish to block. This article will get you started with Protect on your fleet.

PREPARATION STEPS

You will need a couple of things in place before you get started with the installation of Dualog Protect.

  • You will need a valid account on apps.dualog.com
  • Make sure all necessary IP and ports are whitelisted on your firewall(s)
  • You have created at least one Dualog Protect policy to assign to your ships
  • Download the latest installation file from https://apps.dualog.com/installations
    mceclip2.png
  • Disable any existing DNS service on the PC where Dualog Protect will be installed. Typical examples
    • Any external DNS relay/forwarder
    • If you are running Network Control, go to Remote Config > choose the ship > Network Control. Make sure to untick the options “DNS Relay” and “DNS cache” and save. 

      mceclip3.png

INSTALLATION

Dualog Protect can be installed on any client PC on board, as long as the system requirements are met. If you are running Active Directory on your ship, Dualog Protect cannot be installed on the Domain Controller as it would create a DNS loop.

Typically, you want to install Dualog Protect on a PC or server that is reachable from all onboard subnets that you wish to protect. If you are running Dualog Network Control, that PC is a good candidate to install Protect. If unsure about where to install, get in touch with us. We will be happy to help.

The standard installation process is described here. Follow the procedure and, once completed, continue with the steps below to complete the deployment of Dualog Protect.

ASSIGN THE DUALOG PROTECT POLICY

You can now proceed to assign the ship to your Protect policy. Go to the Protect "Configuration" tab. Now click on “Assign” and make sure your ship is ticked for this policy.

mceclip11.png mceclip12.png

DNS ROUTING

Dualog Protect is now active and ready to handle the DNS requests on board. 

  • ON THE DUALOG PROTECT PC

Make sure your WAN network adapter uses 127.0.0.1 as primary DNS.

  • ON ALL THE CLIENT PCs

Any client PC you wish to protect will need to have the Dualog Protect PC's IP address as their primary DNS server.

You can now go ahead and test Dualog Protect.

Export article
Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

Comments

0 comments

Please sign in to leave a comment.