Merge pull request #274814 from tarTech23/adddns

prmerger-automator[bot] · web-flow · commit 22cbb2546f73 · 2024-07-16T11:36:31.000Z
Add DNS lookup
diff --git a/articles/defender-for-iot/organizations/configure-reverse-dns-lookup.md b/articles/defender-for-iot/organizations/configure-reverse-dns-lookup.md
@@ -26,7 +26,7 @@ Before performing the procedures in this article, you must have:
 
 ## Define DNS servers
 
-1. On your sensor console, select **System settings** > **Network monitoring** and under **Active Discovery**, select **Reverse DNS Lookup**.
+1. On your OT sensor console, select **System settings** > **Network monitoring** and under **Active Discovery**, select **Reverse DNS Lookup**.
 
 1. Use the **Schedule Reverse Lookup** options to define your scan as in fixed intervals, per hour, or at a specific time.
 
diff --git a/articles/defender-for-iot/organizations/how-to-control-what-traffic-is-monitored.md b/articles/defender-for-iot/organizations/how-to-control-what-traffic-is-monitored.md
@@ -159,6 +159,41 @@ VLAN's support is based on 802.1q (up to VLAN ID 4094).
 
 1. **For Cisco switches**: Add the `monitor session 1 destination interface XX/XX encapsulation dot1q` command to the SPAN port configuration, where *XX/XX* is the name and number of the port.
 
+## Define DNS servers
+
+Enhance device data enrichment by configuring multiple DNS servers to carryout reverse lookups and resolve host names or FQDNs associated with the IP addresses detected in network subnets. For example, if a sensor discovers an IP address, it might query multiple DNS servers to resolve the host name. You need the DNS server address, server port and the subnet addresses.
+
+**To define the DNS server lookup**:
+
+1. On your OT sensor console, select **System settings** > **Network monitoring** and under **Active Discovery**, select **Reverse DNS Lookup**.
+
+1. Use the **Schedule Reverse Lookup** options to define your scan as in fixed intervals, per hour, or at a specific time.
+
+    If you select **By specific times**, use a 24-hour clock, such as **14:30** for **2:30 PM**. Select the **+** button on the side to add additional, specific times that you want the lookup to run.
+
+1. Select **Add DNS Server**, and then populate your fields as needed to define the following fields:
+
+    - **DNS server address**, which is the DNS server IP address
+    - **DNS server port**
+    - **Number of labels**, which is the number of domain labels you want to display. To get this value, resolve the network IP address to device FQDNs. You can enter up to 30 characters in this field.
+    - **Subnets**, which is the subnets that you want the DNS server to query
+
+1. Toggle on the **Enabled** option at the top to start the reverse lookup query as scheduled, and then select **Save** to finish the configuration.
+
+For more information, see [Configure reverse DNS lookup](configure-reverse-dns-lookup.md).
+
+### Test the DNS configuration
+
+Use a test device to verify that the reverse DNS lookup settings you'd defined work as expected.
+
+1. On your sensor console, select **System settings** > **Network monitoring** and under **Active Discovery**, select **Reverse DNS Lookup**.
+
+1. Make sure that the **Enabled** toggle is selected.
+
+1. Select **Test**.
+
+1. In the **DNS reverse lookup test for server** dialog, enter an address in the **Lookup Address** and then select **Test**.
+
 ## Configure DHCP address ranges
 
 Your OT network might consist of both static and dynamic IP addresses.
