All personal categories can be made available in RPZ mode, and these categories can influence the behavior of client DNS servers.
- On the left menu, choose “
Categories service > Your categories” - You can see that a new column “RPZ” shows you the translated RPZ status.
- Click on the link of the category you want to translate to RPZ
- Click on the “Policies Zones” link.
- Turn on the “Publish as RPZ category” option.
- Select the Action you want to DNS server
Actions provide a powerful, efficient, and centralized means to enforce security policies and content filtering across an entire network.
You have 5 available actions:
- Default:
Use action defined in the RPZ service. - Drop:
Returns a NODATA or NXDOMAIN–type response (the exact behavior can differ slightly depending on DNS version and configuration).
Means no resource records are returned, making the domain effectively unresolvable.
- NXDOMAIN:
Instructs the DNS server to respond with NXDOMAIN (non-existent domain).
This action blocks resolution for the matching domain, effectively preventing clients from accessing it.
- Whitelist:
Pass Through (Ignore Policy): Instructs the DNS server to bypass the RPZ rule and continue normal resolution.
Allows you to whitelist or override a block rule that might match a broader pattern.
- Redirect IP address:
This redirects the client from the blocked domain to a different IP or domain (often called a “walled garden”)
- Click on the “Compile the category” button.
- You should see the Active status inside the RPZ column
