Set Lumu as primary network DNS Resolver on Virtual Appliances

Set Lumu as primary network DNS Resolver on Virtual Appliances

The Lumu Virtual Appliance (VA) offers a seamless way to integrate the network metadata of your entire enterprise into the Lumu platform. You can easily deploy and set up a Lumu Virtual appliance to collect DNS network metadata through the Virtual Appliances section of the portal. For this, you need to configure your devices to point all DNS requests to Lumu the Virtual Appliance’s IP addresses, substituting the automatic DNS servers provided by your internet service provider (ISP).

Once you have pointed your DNS to the Lumu VA, all the requests to resolve a hostname on the internet will be processed by Lumu against its proprietary intelligence, including machine learning and artificial intelligence models, to identify if your network is “talking” with adversarial infrastructure.



Requirements

  1. Admin access and prerequisites to configure your DNS Server / Router.
  2. The most recent version of the Lumu Virtual Appliance installed
You can check the current version of the virtual appliance using the following command: lumu-appliance -v. For more information on how to upgrade the Lumu VA, consult Upgrade Virtual Appliances.
These are the general steps you should follow to configure Lumu VA as primary network DNS resolver:

Deploy and Set Up a Virtual Appliance

All detailed steps to create, download, and install a virtual appliance on your preferred hypervisor or Cloud solution are available in our documentation:

Manage DNS Forward Mapping

By default, the primary and secondary DNS Server fields of the Lumu VA are already populated with public DNS Servers, which is adequate for most small networks. However, if you have local primary and secondary DNS servers, you should specify your DNS servers accordingly. You can manage these settings using the command.

applianceadmin@lva:~$ lumu-appliance set resolver forward-zones

In the forward zones settings, you have the option to specify if you plan to use TLS (Transport Layer Security). If you use TLS, you should set the DNS addresses in the following format: <ip_address>@<port>#<comment>

Lumu VA DNS settings Lumu VA DNS settings

Configuring Your DNS

We recommend doing this procedure on your edge DNS equipment, typically a router, DNS, or DHCP server in your company. Commonly, the device that provides an internal non-routable IP address (DHCP) or the device that serves as your default gateway is also where you configure public DNS servers. Most often this will be a DNS server or a router—this might be your DSL router or cable modem if that is the only router in your network.

Before you change your DNS settings to use Lumu Gateways’, be sure to record the current DNS server addresses. It's important that you keep this data for backup purposes—just in case you need to revert to them at a later date.

Some ISPs hard-code their DNS servers into the equipment they provide. If you are using such a device, you will not be able to configure it to use Lumu. Instead, you can configure each one of your devices (desktops, servers, etc).

The process for changing your DNS settings varies according to the operating system (OS) and versions (Windows, Mac, or Linux) or the device (desktop, DNS server, router, or mobile device). For authoritative information, please consult the vendor documentation. We have created the following guides to help you with this configuration:


        • Related Articles

        • Configure Virtual Appliances

          Once the Virtual Appliance (VA) has been added to the Lumu Portal and imported into a hypervisor or cloud environment, it is time to configure the Lumu VA to collect network metadata to illuminate threats, attacks, and adversaries coming from your ...
        • Lumu Virtual Appliance DNS Packets Collectors Catalog

          Before attempting this type of implementation, we strongly suggest checking out our Lumu Agent for Windows Server , which can act as a DNS server collector and covers the vast majority of the scenarios of this VA implementation (Windows Server 2016 ...
        • Lumu Virtual Appliance DNS Queries Collectors Catalog

          In the following table, you will find a complete list of DNS Queries Collectors available for deployment as part of Lumu's Virtual Appliances. Collector Logo Collect DNS Queries with Lumu VA and Infoblox Collect DNS Queries with Lumu VA and Citrix ...
        • Collect DNS Queries with Lumu VA and Infoblox

          Requirements Infoblox NIOS version 8.4+. Admin access to specify syslog servers on Infoblox NIOS. The most recent version of the Lumu Virtual Appliance installed. You can check the current version of the virtual appliance using the following command: ...
        • Introduction to Lumu Virtual Appliances

          The Lumu Virtual Appliance (VA) is a pre-configured lightweight virtual machine solution that collects the network metadata of your entire enterprise and forwards it to the Lumu cloud with the lowest impact on the network operation. This document ...