Jump to Content
Cisco Secure Access - DNS Defense Help
Guides
Secure Access Help CenterCisco Secure Access - DNS Defense Help
Guides
Secure Access Help Center
Guides

Cisco Secure Access - DNS Defense Help

  • Welcome to Cisco Secure Access - DNS Defense
    • Sign into Secure Access - DNS Defense with Security Cloud Sign On
    • Find Your Organization ID
    • Determine Your Current Package
    • View Cloud Security Service Status
    • Contact Cisco Secure Access Support
  • Secure Access Single Sign-On Authentication
    • Configure Single Sign-On Authentication
    • Troubleshoot Single Sign On Authentication
  • Get Started
    • Begin Secure Access Onboarding Workflow
    • Step 1 – Configure Network Connections
    • Step 2 – Configure Access to Resources
    • Step 3 - Configure End User Connectivity
    • Step 4 – Configure Endpoints and Network Sources
    • Secure Access Overview Dashboard
  • Limitations and Range Limits
    • Data Retention
    • Monthly DNS Query Average
  • Network Requirements for Secure Access
  • Manage Network Connections
    • Comparison of Network Connection Methods
  • Manage Network Tunnel Groups
    • Device Compatibility and Network Tunnels
    • Add a Network Tunnel Group
    • Delete a Network Tunnel Group
    • Edit a Network Tunnel Group
    • View Network Tunnel Group Details
    • Supported IPsec Parameters
  • Network Tunnel Configuration
    • Configure Tunnels with Catalyst SD-WAN cEdge and vEdge
    • Configure Tunnels with Cisco ISR
    • Configure Tunnels with Cisco Adaptive Security Appliance
    • Configure Tunnels with Meraki MX
  • Manage Resource Connectors and Connector Groups
    • Requirements and Prerequisites for Resource Connectors and Connector Groups
    • Allow Resource Connector Traffic to Secure Access
    • Add Resource Connector Groups
    • Add Connectors to a Connector Group
    • Obtain the Connector Image
    • Provisioning Keys for Resource Connectors
    • Deploy a Connector in VMware
    • Deploy a Connector in AWS
    • Deploy a Connector in Azure
    • Determine the Number of Connectors Needed in a Connector Group
    • Assign Private Resources to a Connector Group
    • View a Connector Group's Connectors and Assigned Resources
    • Disable, Revoke, or Delete Resource Connectors and Groups
    • Maintain and Monitor Resource Connectors and Connector Groups
    • Troubleshoot Resource Connectors and Connector Groups
  • Manage Users and Groups
    • Import Users and Groups from CSV File
    • Provision Token for Identity Provider
    • Provision Users and Groups from Okta
    • Provision Users and Groups from Azure AD
    • Provision Users and Groups from Google Workspace
    • View User Details
    • View Group Details
    • View Endpoint Device Details
    • Unenroll Devices for Client-Based Zero Trust Access
    • Disconnect Remote Access VPN Sessions
    • Provision Users, Groups and Endpoint Devices from Active Directory
      • Connect Active Directory to Secure Access
      • Connect Multiple Active Directory Domains
      • Change the Connector Account Password
      • AD Connector Communication Flow and Troubleshooting
  • Configure Integrations with SAML Identity Providers
    • Prerequisites for SAML Authentication
    • Configure Azure AD for SAML
    • Configure Okta for SAML
    • Configure AD FS for SAML
    • Configure Duo Security for SAML
    • Configure Ping Identity for SAML
    • Configure OpenAM for SAML
    • SAML Certificate Renewal Options
    • Test SAML Identity Provider Integration
    • Delete SAML Identity Provider Integration
  • Manage End-User Connectivity
  • Manage DNS Servers
  • Traffic Steering for Zero Trust Access Client-Based Connections
    • Using Wildcards to Configure Traffic Steering for Private Destinations
  • Manage Virtual Private Networks
    • FQDNs for Network Connections
    • Manage IP Pools
    • Add an IP Pool
    • Manage VPN Profiles
    • Add VPN Profiles
    • Add a RADIUS Group
  • Manage Internet Security
    • Set Up Internet Security on User Devices
    • Manage Internet Security Bypass
    • Configure Cisco Secure Client Settings
  • Manage Domains
    • Add Internal Domains
  • Internal Networks Setup Guide
    • Provision a Subnet for Your Virtual Appliance
    • Manage Sites
    • Manage Internal Networks
    • Assign a Policy to Your Site
  • Manage a Network Device
    • Delete a Network Device
  • Manage Registered Networks
    • Add Network Resources
    • Point Your DNS to Cisco Secure Access
    • Clear Your DNS Cache
    • Update a Network Resource
    • Delete a Network Resource
  • Manage Roaming Devices
    • View Internet Security Settings for Roaming Devices
    • Edit Internet Security Settings for Roaming Devices
    • Delete a Roaming Device
  • Manage Destination Lists
    • Add a Destination List
    • Edit a Destination List
    • Add Destinations in Bulk
    • Download Destinations to a CSV File
    • Control Access to Custom URLs
    • Wildcards and Destination Lists
    • Add Top-Level Domains to Destination Lists
    • Add Punycode Domain Name to Destination List
    • Test Your Destinations (Hidden in SSE/SSE DNS)
    • Search for a Destination List
    • Troubleshoot Destination Lists
  • Manage Application Lists
    • Add an Application List
    • Application Categories
    • Delete an Application List
  • Manage Content Category Lists
    • Available Content Categories
    • Add a Content Category List
    • Request a Category for an Uncategorized Destination
    • Dispute a Content Category
    • View Content Categories in Reports
  • Manage Private Resources
    • Add a Private Resource
    • Add a Private Resource Group
    • Private Resource Configuration Examples
  • Manage AAA Servers
  • Manage Connections to Private Destinations
    • Comparison of Zero Trust Access and VPN
    • Comparison of Client-Based and Browser-Based Zero Trust Access Connections
    • Requirements for Zero Trust Access
    • Network Authentication for Zero Trust Access
    • Manage Branch Connections
  • Manage the Access Policy
    • About the Access Policy
    • Show Additional Data on Your Access Rules
    • Edit the Order of the Rules in Your Access Policy
    • Rule Defaults: Default Settings for Access Rules
    • Global Settings for Access Rules
    • Edit Rule Defaults and Global Settings
    • Edit the Default Access Rule
  • Get Started With Private Access Rules
    • Components for Private Access Rules
    • Default Settings for Private Access Rules
    • Add a Private Access Rule
    • About Configuring Sources in Private Access Rules
    • About Configuring Destinations in Private Access Rules
    • About Endpoint Requirements in Access Rules
    • Allowing Traffic from Users and Devices on the Network
    • Global Settings for Private Access Rules
    • View Rules Associated with a Private Resource
    • Troubleshoot Private Access Rules
  • Get Started With Internet Access Policy
    • Components for Internet Access Rules
    • Default Settings for Internet Access Rules
    • Add an Internet Access Rule
    • About Configuring Sources in Internet Access Rules
    • About Configuring Destinations in Internet Access Rules
    • Ensure Rule Matching for Encrypted Internet Traffic
    • Block Internet Access to Geographic Locations
    • Advanced Application Controls
    • Global Settings for Internet Access Rules
    • About Isolated Destinations
      • Isolate Downgrade
    • Troubleshoot Internet Access Rules
    • Zero Trust Access to Internet Destinations
  • Manage File Inspection for Internet Policy
    • Enable File Inspection
    • Test File Inspection
    • Troubleshooting
    • File Inspection Reports
  • Manage File Inspection and File Analysis for Private Access Rules
    • Enable File Inspection
    • Enable File Analysis by Cisco Secure Malware Analytics
    • Test File Inspection
    • Monitor File Inspection and Analysis Activity
    • Troubleshoot and Monitor File Inspection and Analysis
  • Manage File Type Controls
  • Manage the Intelligent Proxy
    • Enable the Intelligent Proxy
    • Test the Intelligent Proxy
    • Test Selective Decryption
    • Review the Intelligent Proxy Through Reports
    • Enable SSL Decryption
  • Manage Endpoint Security
    • Endpoint Attributes
  • Manage Zero Trust Access Posture Profiles
    • Add a Client-Based Zero Trust Access Posture Profile
    • Add a Browser-Based Zero Trust Access Posture Profile
  • Manage VPN Connection Posture Profiles
    • Add a VPN Connection Posture Profile
  • Manage IPS Profiles
  • Manage Security Profiles
    • Security Profiles for Internet Access
    • Add a Security Profile for Internet Access
    • Enable SafeSearch
    • Security Profiles for Private Access
    • Add a Security Profile for Private Access
  • Manage Threat Categories
    • Threat Category Descriptions
    • Add a Threat Category List
    • Dispute a Threat Categorization
  • Manage Notification Pages
    • Preview Notification Pages
    • Create Custom Block pages
    • Allow Users to Contact an Administrator
    • Block Page IP Addresses
  • Manage Traffic Decryption
    • Important Information About Do Not Decrypt Lists
    • Add a Do Not Decrypt List for Internet Access
  • Manage Accounts
    • Add a New Account
    • Edit Account Settings
    • Delete an Account
    • Hide Identities with De-identification
  • Manage Cloud Malware Protection
    • Enable Cloud Malware Protection
    • Revoke Authorization for a Platform
    • Enable Cloud Malware Protection for AWS Tenants
    • Enable Cloud Malware Protection for Azure Tenants
    • Enable Cloud Malware Protection for Box Tenants
    • Enable Cloud Malware Protection for Dropbox Tenants
    • Enable Cloud Access Security Broker Features for Microsoft 365 Tenants
    • Enable Cloud Malware Protection for Webex Teams
    • Enable Cloud Malware Protection for Google Drive
    • Enable Cloud Malware Protection for Slack Tenants
    • Enable Cloud Malware Protection for ServiceNow Tenants
  • Manage API Keys
    • Add Secure Access API Keys
    • Add KeyAdmin API Keys
  • Log Management
    • Enable Logging
    • Enable Logging to Your Own S3 Bucket
    • Enable Logging to a Cisco-managed S3 Bucket
    • Change the Location of Event Data Logs
    • Stop Logging
    • Delete Logs
    • Log Formats and Versioning
      • Reports and CSV Formats
      • Admin Audit Log Formats
      • Cloud Firewall Log Formats
      • DNS Log Formats
      • IPS Log Formats
      • Remote Access VPN Log Formats
      • Web Log Formats
      • Zero Trust Access Log Formats

Reports

  • Monitor Secure Access with Reports
    • Export Report Data to CSV
    • Bookmark and Share Reports
    • Report Retention
    • Report Scheduling
    • Schedule a Report
    • Update a Scheduled Report
  • Remote Access Log Report
    • View the Remote Access Log Report
  • Activity Search Report
    • View and Customize the Activity Search Report
    • View Zero Trust Events in Activity Search Report
    • View Activity Search Report Actions
    • Schedule an Activity Search Report
    • Use Search and Advanced Search
  • Security Activity Report
    • View Activity and Details by Filters
    • View Activity and Details by Event Type or Security Category
    • View an Event's Details
    • Search for Security Activity
  • Total Requests Report
  • Activity Volume Report
  • App Discovery Report
    • View the App Discovery Report
    • View the Highest Risk Apps
    • Review Apps in the Apps Grid
    • View App Details
    • Change App Details
    • Control Apps
    • Control Advanced Apps
    • View Traffic Data Through SWG Service
  • Top Destinations Report
    • Destination Details
  • Top Categories Report
    • Category Details
  • Third-Party Apps Report
  • Cloud Malware Report
  • Admin Audit Log Report
    • Export Admin Audit Log Report to an S3 Bucket

DNS Forwarders

  • Virtual Appliance Introduction
    • Prerequisites
    • Deployment Guidelines
    • Importance of Running Two VAs
  • Deploy Virtual Appliances
    • Deploy VAs in Hyper-V for Windows 2012 or Higher
    • Deploy VAs in VMware
    • Deploy VAs in Microsoft Azure
    • Deploy VAs in Amazon Web Services
    • Deploy VAs in Google Cloud Platform
    • Deploy VAs in KVM
    • Deploy VAs in Nutanix
  • Configure Virtual Appliances
  • Local DNS Forwarding
  • Reroute DNS
  • Update Virtual Appliances
  • Virtual Appliance Sizing Guide
  • SNMP Monitoring
  • Troubleshoot Virtual Appliances
  • Other Configurations
  • Active Directory Integration with the Virtual Appliances
    • Prerequisites
    • Active Directory User Exceptions
    • Prepare Your Active Directory Environment
    • Connect Active Directory to Umbrella VAs
    • Multiple Active Directory and Secure Access Sites
    • Change the Connector Account Password
    • Communication Flow and Troubleshooting

Managed iOS Device

  • Cisco Security Connector—Secure Access Setup Guide
    • Quick Start
    • Anonymize Devices
  • Meraki Registration
    • Verify Secure Access with Meraki
    • Meraki Documentation
  • Apple Configurator 2 Registration
  • IBM MaaS360 Registration
  • Intune Registration
  • Jamf Registration
  • MobiConnect Registration
  • MobileIron Registration
    • MobileIron Configuration
  • Workspace ONE Registration
  • Register an iOS Device Through a Generic MDM System
  • Apply Secure Access Policies to Your Mobile Device
    • Secure Access Reporting
  • Add User Identity for Cisco Security Connector
  • Troubleshooting
  • Configure Cellular and Wifi Domains

Managed Android Device

  • Cisco Secure Client (Android OS)
  • Deploy the Android Client
    • Android Configuration Download
    • Cisco Meraki MDM
    • MobileIron MDM
    • VMware Workspace ONE
    • Microsoft Intune MDM
    • Samsung Knox MDM
    • Manage Pop-Ups and App Controls
  • Manage Identities
  • Troubleshooting
  • Frequently Asked Questions

Unmanaged mobile device Protection

  • Secure Access Unmanaged Mobile Device Protection
  • Administrator Actions
  • End-User Actions

Cisco Secure Client

  • Cisco Secure Client Overview
  • Get Started and Manage Client-based Zero Trust Access from Mobile Devices
    • Set up the Zero Trust Access App for iOS Devices
    • Set up the Zero Trust Access App for Android on Samsung Devices
    • Monitor and Troubleshoot the Zero Trust Access App from Mobile Devices
  • Get Started with Cisco Secure Client on Windows and macOS Devices
    • Prerequisites
    • Download Cisco Secure Client
    • Download the OrgInfo.json File
    • Manual Installation of Cisco Secure Client (Windows and macOS)
    • Mass Deployment Overview
    • Mass Deployment (Windows)
    • Customize Windows Installation of Cisco Secure Client
    • Mass Deployment (macOS)
    • Customize macOS Installation of Cisco Secure Client
    • VPN Headend Deployment
    • Secure Firewall Management Center and Secure Firewall Threat Defense
    • Meraki Systems Manager (SM) Deployment
    • Migration from Umbrella Roaming Client
    • Install the Root Certificate for All Browsers
    • Cloud Management
    • Additional References
    • Remote Monitoring and Management Deployment Tutorials
  • Manage Internet Security on Cisco Secure Client
    • Umbrella Roaming Security Module Requirements
    • Domain Management
    • Interpret Internet Security Diagnostics
    • IPv4 and IPv6 DNS Protection Status
  • Manage Zero Trust Access on Cisco Secure Client
    • Invite Users to Enroll in Zero Trust Access for Secure Client
    • Requirements for Secure Client with Zero Trust Access
    • Troubleshoot Client-Based Zero Trust Access
    • Unenroll a Device from Zero Trust Access
  • Manage Virtual Private Networks on Cisco Secure Client
    • Download the Virtual Private Network XML Profile
    • CA Certificates for VPN Connections

Cisco Security for Chromebook Client

  • About Cisco Security for Chromebooks
  • Prerequisites for Cisco Security for Chromebooks Client
  • Limitations for Cisco Security for Chromebooks
  • Integrate the Google Workspace Identity Service
  • Deploy the Cisco Security for Chromebooks Client
    • Bypass Internal Domains from DNS-over-HTTPS (DoH)
    • Enable Reporting for Private IP Address of Chromebook Device
    • Verify Cisco Security for Chromebooks Client Deployment
    • Export Device Data to CSV
    • Troubleshoot Cisco Security for Chromebooks Client Deployment
  • View Protection Status of Chromebook Devices
  • Add Policies to a Chromebook Device
  • Cisco Security for Chromebooks Client FAQ
  • Google Workspace Identity Service FAQ

Activity Search Report

Find the result of every DNS, URL, and IP request from your various sources in descending date and time. The report lists all security (and non-security) activity for the sources reporting to Secure Access for the selected time.



View the Remote Access Log Report < Activity Search Report > View and Customize the Activity Search Report

Updated 3 days ago