A usage summary is now available on the billing page that displays your organization’s estimated monthly user count and explains how the metric is calculated. The new data is meant to inform and assist with license count adjustments.

As the top level of our hierarchy, a site plays an important role in managing your deployments and policies. Large organizations often have thousands of sites and our web UI truncated the list at 1,500 but is now unlimited.

Our changelog now has an RSS feed. If you are reading this you may want to subscribe. Just add our feed URL to your favorite reader.

Query log now supports searching subdomains to refine your investigations.

Example: searching for was previously not allowed in query log and resulted in an error. Now you can refine the search results to the desired subdomain.

DNSFilter now supports Single Sign-On (SSO).

Improve security and streamline workflows. Enforce SSO to the DNSF dashboard with third-party identity providers (IdPs), such as Okta and Azure AD, as well as others that support OIDC.

Simply configure an Identity Provider in the section of the page of your DNSFilter account. Once the values have been entered correctly, SSO can be turned on.

Check out our Knowledgebase for a detailed breakdown of how you can set up SSO for your account.

Customers can now add a note using the new notes column or in the pop-up dialog when adding a domain to the or list in the Policy settings on the dashboard.

Use this feature to remember why the domain was added to your lists. Notes can also be used as a reference in internal support tickets to help improve workflows.

Android has now joined the list of Operating systems (Windows and iOS) where local domains are supported.

Owners and Administrators can now enforce Two-Factor Authentication (2FA) across their entire organization.

Additionally, owners and admins can reset 2FA for their dashboard users directly in the app.

New improvements have been made to the DNSFilter+Zapier integration to enable MSPs to create Zaps that can be customized for each sub-organization. An field has now been added to the and profile settings to enable integration with external services.

Using this identifier, MSPs can now associate a DNSFilter sub-org/site to its existing location within a selected integration through Zapier.

Users of the Windows roaming client can now collect logs locally. These logs can be found in a new folder we have introduced in the default installation location of the DNSFilter agent. Windows RC logs have a 7-day lifecycle thus, logs older than 7 days are automatically deleted. Because our roaming clients auto-update, customers who currently have the Windows RC installed should see logs within 2 days of the release.

Introducing AppAware, DNSFilter’s one-click application blocking feature.

Blocking an application that you need to disallow on your network can be quite difficult because of the numerous, sometimes thousands of, domains behind its operations. AppAware removes this complexity by providing you with all the necessary associated domains required to block the application.

With just one click, you can block an application and all its associated domains with AppAware.

AppAware also gives you the ability to block a group of applications. Related applications are grouped into categories in AppAware, and by clicking the button on a “category” tab, you can block all the applications listed in that category.

Now you can block remote desktop applications that can be compromised and exploited by attackers to gain access to your network and messaging applications to boost productivity amongst your team or block.

One interesting category on AppAware is . This category allows you to block all applications in a provider’s ecosystem. Let’s assume you want to block all Microsoft-based applications, you can simply turn on the block button on in the category.

This automatically blocks applications like Microsoft Teams, Office 365, Microsoft Azure, and any other application or service provided by Microsoft.

Because we know how important it is for you to monitor the operations of AppAware, we added a dedicated reporting page just for AppAware ( -> ).

Here, you can view your traffic reports by application, sort them using AppAware categories, and block an application directly from the reports page by adding it to an existing policy.

The AppAware reporting page provides clear visibility into applications being utilized on your network. You can click individual applications to get more granular with the traffic details for that application. This can provide useful information in tracking unusual traffic coming through an application and help administrators apply security controls where necessary.

You can also monitor attempts at running blocked applications in your query logs under the newly added AppAware column.

MSPs can now view the domains in a global policy applied to a site in the and of the Domain Report tool.

Queries on search engines and Youtube that are allowed by the option when applied to a policy are now marked with the label in the query log. This distinguishes them from other queries allowed by other policy settings. It also helps users identify why some queries are allowed even when they have not been explicitly configured to be allowed on the network.

If you use our Active Directory integration via our Sync Tool feature, items within a collection column are now automatically alphabetized making it easier for users to navigate. This improvement will also enable enhanced column sorting for collections.

Customers who apply a block page to their Relays/LAN subnets will now see the correct block page they applied. Prior to this release, customers who had block pages applied to Relays/LAN subnets page would receive the block page selected for a site.

The status column for a policy now displays all collections assigned to that policy. You can also find this information by going to → .

As we continue to boost our global coverage, we have added new nodes to our anycast servers (Istanbul Turkey, and Sydney).

DNSFilter users now have the following capabilities for their AD instance:

We also updated the User interface of the Sync tool and improved overall performance for a better user experience, including a New Sync Logs tab.

The functions labeled in the above diagram are described below:

Other Sync Tool improvements:

Up until now, the viewable data on defaulted to . This option prevented trial users and users who are still in the process of deploying DNSFilter from seeing data until a full day had passed.

With this new release, the page data now defaults to enabling users to view data as soon as they begin resolving traffic through DNSFIlter.