DNS visibility controls based on connection
Different remote access configurations have differing needs for access to internal resources. Users with limited access rights should only be provided enough DNS information to complete the connections that they need. Resolving any other address can produce several different problems:

(1) WAF and other externally-published resources: A remote access user with limited access to internal systems may still need to reach other resources through their externally-published addresses, such as a WAF site. If his remote access connection only returns internal information, he will be misdirected and unable to access the resource that he is supposed to use.

(2) Information leakage: If a user is allowed unrestricted access to either UTM or internal DNS resources, he has the potential to map the internal network in a way that could facilitate subsequent attacks. The risk is greatest if the user has access to any reverse DNS information.

Consequently, we need a way to specify the internal DNS information to be granted to a remote connection, with anything outside the allowed list being resolved using external DNS. Once this is available, remote access connections can be configured to query UTM for their DNS, with the confidence that they will get either internal or external results, depending on their DNS access rights. Each remote access profile should be separately configurable.
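The following is an added illustration of the per-profile split resolution described above; it is not UTM code and not part of the original post. It models two remote access profiles with different allowed internal zones, a constructed internal and external name set (the "portal" host stands in for a WAF-published site that has both an internal and a public address), and a reverse-lookup switch that is off by default so that a limited profile cannot walk PTR records. All names, addresses and profile settings are constructed for the example.

```python
import ipaddress

# Constructed sample data standing in for what internal (UTM) DNS and
# external DNS would answer. Not real hosts.
INTERNAL_DNS = {
    "intranet.example.internal": "10.0.5.10",
    "portal.example.com": "10.0.5.20",   # internal address behind the WAF
    "db01.example.internal": "10.0.9.3",
}
EXTERNAL_DNS = {
    "portal.example.com": "203.0.113.20",  # WAF's published address
    "www.example.com": "203.0.113.10",
}
# Reverse records keyed by their in-addr.arpa name, built with the stdlib.
INTERNAL_PTR = {
    ipaddress.ip_address("10.0.9.3").reverse_pointer: "db01.example.internal",
}

# Hypothetical per-profile DNS access rights: which internal zones a
# profile may resolve internally, and whether reverse lookups are allowed.
PROFILES = {
    "contractor": {"allowed_zones": ["intranet.example.internal"], "allow_reverse": False},
    "admin": {"allowed_zones": ["example.internal", "example.com"], "allow_reverse": True},
}


def _norm(name: str) -> str:
    """Lower-case and strip the trailing dot so lookups are consistent."""
    return name.lower().rstrip(".")


def in_allowed_zone(name: str, zones) -> bool:
    """True if name equals or sits below one of the allowed zones."""
    n = _norm(name)
    for zone in zones:
        z = _norm(zone)
        if n == z or n.endswith("." + z):
            return True
    return False


def is_reverse_query(name: str) -> bool:
    """Reverse lookups arrive as names under in-addr.arpa / ip6.arpa."""
    n = _norm(name)
    return n.endswith(".in-addr.arpa") or n.endswith(".ip6.arpa")


def resolve(profile_name: str, qname: str, qtype: str = "A"):
    """Return (source, answer) for a query made over the given profile.

    source is "internal", "external" or "refused"; answer is the record
    data or None (no such record at the chosen source).
    """
    profile = PROFILES[profile_name]
    name = _norm(qname)

    # Reverse DNS is the most sensitive class of answer: refuse it unless
    # the profile explicitly allows it, and never fall back to external.
    if qtype == "PTR" or is_reverse_query(name):
        if not profile["allow_reverse"]:
            return ("refused", None)
        return ("internal", INTERNAL_PTR.get(name))

    # Names inside an allowed zone are answered only from internal DNS.
    if in_allowed_zone(name, profile["allowed_zones"]):
        return ("internal", INTERNAL_DNS.get(name))

    # Everything else goes to external DNS, so a WAF-published site is
    # reached through its public address rather than being misdirected.
    return ("external", EXTERNAL_DNS.get(name))


if __name__ == "__main__":
    for prof, q, t in [("contractor", "portal.example.com", "A"),
                       ("admin", "portal.example.com", "A"),
                       ("contractor", "db01.example.internal", "A"),
                       ("contractor", "3.9.0.10.in-addr.arpa", "PTR"),
                       ("admin", "3.9.0.10.in-addr.arpa", "PTR")]:
        print(prof, q, t, "->", resolve(prof, q, t))
```

The two behaviours the post asks for fall out of the zone check: the contractor profile gets the WAF's public address for portal.example.com and cannot see db01 at all, while the admin profile gets the internal address and may use reverse lookups.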