OpenDns setup on IOS 11 devices

This Knowledge Base article will show you how to set up your IOS device in order to use OpenDNS.

 

Note:

These instructions only work for Wi-Fi connections because iOS does not allow you to change the DNS servers when connected to cellular networks. Also, the changes are network specific, so you'll need to change the DNS servers every time you connect to a new wireless network. The good news is that iOS remembers the settings, so you won't have to repeat these changes whenever you reconnect to a known network.

Also, this works the same on all iOS devices.

 

Changing your IOS device DNS settings:

  1. From the IOS device home screen, tap Settings.
  2. Tap Wi-Fi, ensure it is enabled and your wireless network is connected.
  3. Click the  symbol next to your wireless network, as shown below.

  4. The screen shown below appears. Tap the Configure DNS field.

  5. Ensure Manual is selected and delete the current DNS servers by tapping on the  symbol.

  6. Tap Add Server and enter OpenDNS resolvers 208.67.222.222. Repeat this process to add another DNS server as follows 208.67.220.220, as shown below.

  7. Tap Save to exit the menu.

 

That's it! You've updated your IOS device DNS servers!

 

source:
https://support.opendns.com/hc/en-us/articles/228008947-IOS-11-Configuration-for-OpenDNS

OpenDns setup on Windows Server 2012 and 2012 R2

Setting up DNS Forwarding for Windows Server 2012 and 2012 R2

 

The basic instructions are as follows, with screenshots of what you should expect to see included below.

 

1. From the Start menu, start typing DNS, then select DNS from the search results.

2. Choose the server you want to edit, then select Forwarders.

3. Click the edit button.

4. Add OpenDNS addresses in the IP address list.

Please write down your current DNS settings before switching to OpenDNS, in case you want to return to your old settings for any reason.

The addresses for Open DNS are:

  • 208.67.222.222
  • 208.67.220.220
  • 208.67.222.220
  • 208.67.220.222

Then click OK.

6. Click OK once more

source:

https://support.opendns.com/hc/en-us/articles/228008907-Windows-Server-2012-and-2012-R2

Sonicwall Zero Touch Deployment Firewall

SonicWall® Zero-Touch
Deployment Guide
March 2019
SonicWall network security appliances are Zero-Touch enabled. Zero-Touch makes
it easy to register your unit and add it to SonicWall Capture Security Center or
SonicWall GMS On-Premise for management and reporting. This document
describes the Zero-Touch deployment process.
Topics:
• Deploying with Zero-Touch (CSC Management)
• Deploying with Zero-Touch (GMS On-Premise)
Deploying with Zero-Touch (CSC Management)
1) Register:
• Point your browser to https://cloud.sonicwall.com and log into your MySonicWall account or create an
account.
• In Capture Security Center, click the mySonicWall tile to launch the MySonicWall Dashboard.
• Click the Add Product button to launch the QUICK REGISTER dialog and then type in the serial
number of your SonicWall appliance. Click Confirm.
You can find the serial number and authentication code on the shipping box or appliance label.
• In the REGISTER A PRODUCT dialog, fill in the Friendly name and Authentication code, and select the
Tenant Name. By default, all products are placed under SonicWall Products Tenant.
• Click Register.
2) Enable Zero-Touch and CSC Management and Reporting:
• MySonicWall recognizes your appliance model and displays the Zero Touch option. Enable Zero Touch
and then click Register again. A success message is displayed to indicate Zero-Touch readiness.
• In MySonicWall, navigate to Product Management > My Products, select the appliance, and click the Try
button to enable the license for CSC Management and Reporting (if not enabled already). A success
message displays.
3) Connect and Power On:
• For a wireless appliance, connect the antennas.
NOTE: The appliance must be able to obtain an IP address via DHCP from the WAN connection or ISP
modem. If you need to use a static IP address, refer to the Quick Start Guide for your appliance.
SonicWall Zero-Touch
Deployment Guide
2
• Connect the X1 interface to your WAN network.
• Power on the unit.
CSC Management automatically acquires the unit (it can take up to 30 minutes for initial acquisition). Once the
unit is acquired, you can begin management.
To view the status of your appliance:
• In MySonicWall, pull down the curtain for Capture Security Center.
• Using the same Tenant as you selected during registration, click the Management tile.
• Click the appliance serial number or friendly name under DEVICE MANAGER to display its status.
Getting the Latest Firmware for the Firewall
1 In Capture Security Center, click the mySonicWall tile.
2 Navigate to Resources & Support > My Downloads and select your product firmware from the Product
Type drop-down menu.
3 Click the link for the firmware you want and save the file to a location on your computer.
4 Pull down the curtain for Capture Security Center.
5 Using the same Tenant as you selected during registration, click the Management tile.
6 In DEVICE MANAGER, click on the appliance in the left pane.
7 In the center pane, go to the Register/Upgrades > Firmware Upgrade page.
8 Click the Choose File button to select the firmware you just downloaded, then click Upgrade from Local
File.
SonicWall Zero-Touch
Deployment Guide
3
Deploying with Zero-Touch (GMS On-Premise)
1) Register:
• Log into your MySonicWall account or create an account at www.mysonicwall.com.
• Click the Add Product button to launch the QUICK REGISTER dialog and then type in the serial
number of your SonicWall appliance. Click Confirm.
You can find the serial number and authentication code on the shipping box or appliance label.
• In the REGISTER A PRODUCT dialog, fill in the Friendly name and Authentication code, and select the
Tenant Name. By default, all products are placed under SonicWall Products Tenant.
• Click Register.
2) Enable Zero-Touch:
• MySonicWall recognizes your appliance model and displays the Zero Touch option. Enable Zero Touch.
• Select the desired GMS Public IP from the GMS Server Public IP/FQDN drop-down list. The ZeroTouch
Agent Public IP/FQDN field is populated with the associated IP address.
• Click Register.
3) Connect and Power On:
• For a wireless appliance, connect the antennas.
• Connect the X1 interface to your WAN network.
PREREQUISITE: GMS 8.7 or higher is required. Be sure that your GMS system is Zero-Touch enabled. Refer
to the knowledge base article at:
https://www.sonicwall.com/support/knowledge-base/?sol_id=190205183052590
IMPORTANT: Verify that both of these IP addresses are the same as those you configured during
the prerequisite process.
NOTE: The appliance must be able to obtain an IP address via DHCP from the WAN connection or ISP
modem. If you need to use a static IP address, refer to the Quick Start Guide for your appliance.
SonicWall Zero-Touch
Deployment Guide
4
• Power on the unit.
GMS automatically acquires the unit (it can take up to 30 minutes for initial acquisition). Once the unit is
acquired, you can begin management.
To view the status of your appliance:
• Log into GMS and navigate to the FIREWALL view.
• Click on the appliance in the left pane to display the status.
Getting the Latest Firmware for the Firewall
1 In a web browser, navigate to www.mysonicwall.com.
2 Navigate to Resources & Support > My Downloads and select your product firmware from the Product
Type drop-down menu.
3 Click the link for the firmware you want and save the file to a location on your computer.
4 In GMS, navigate to the FIREWALL view and click on the appliance in the left pane.
5 In the center pane, go to the Manage > Register/Upgrades > Firmware Upgrade page.
6 Click the Choose File button to select the firmware you just downloaded, then click Upgrade from Local
File.
SonicWall Zero-Touch
Deployment Guide
5
SonicWall Support
Technical support is available to customers who have purchased SonicWall products with a valid maintenance
contract and to customers who have trial versions.
The Support Portal provides self-help tools you can use to solve problems quickly and independently, 24 hours a
day, 365 days a year. To access the Support Portal, go to https://www.sonicwall.com/support.
The Support Portal enables you to:
• View knowledge base articles and technical documentation
• View video tutorials
• Access MySonicWall
• Learn about SonicWall professional services
• Review SonicWall Support services and warranty information
• Register for training and certification
• Request technical support or customer service
To contact SonicWall Support, visit https://www.sonicwall.com/support/contact-support.

 

Source:
https://www.sonicwall.com/support/technical-documentation/zero-touch-deployment-guide.pdf

Configure Google Drive File Stream

Configure Drive File Stream

You can specify custom options for Drive File Stream, including the default drive letter on Windows, the mount point on macOS, the cache location, bandwidth limits, and proxy settings. These configurations can be set at the user or host level, and persist when Drive File Stream restarts.

Where to update settings

To set the Drive File Stream options, you update registry keys (Windows) or use the defaults command (macOS). If you’re not familiar with making these updates, contact your administrator or check your operating system documentation. Additionally, administrators can choose to set override values that end users can't change.

Windows

Host-wideHKEY_LOCAL_MACHINE\Software\Google\DriveFS
User onlyHKEY_CURRENT_USER\Software\Google\DriveFS
OverrideHKEY_LOCAL_MACHINE\Software\Policies\Google\DriveFS

macOS

Host-wide/Library/Preferences/com.google.drivefs.settings
User only~/Library/Preferences/com.google.drivefs.settings
Override/Library/Managed Preferences/com.google.drivefs.settings.plist

macOS examples

Host-wide mount point:
sudo defaults write /Library/Preferences/com.google.drivefs.settings DefaultMountPoint '/Volumes/Google Drive File Stream'

Host-wide trusted certificates file:
sudo defaults write /Library/Preferences/com.google.drivefs.settings TrustedRootCertsFile /Library/MyCompany/DriveFileStream/MyProxyCert.pem

User maximum download bandwidth:
defaults write com.google.drivefs.settings BandwidthRxKBPS -int 100

User-enabled browser authentication:
defaults write com.google.drivefs.settings ForceBrowserAuth -bool true

Settings

Set these name/value pairs using the registry keys or defaults command, as described above. On Windows, create the registry keys if they don't already exist. On macOS, the defaults command maintains a plist file for settings. You should not modify the plist file directly, as some changes might not be applied.

Setting nameValue typeValue description
AutoStartOnLogin*DWORD (Windows)
Bool (macOS)
Start Drive File Stream automatically on session login.
BandwidthRxKBPSDWORD (Windows)
Number (macOS)
Maximum downstream kilobytes per second.
BandwidthTxKBPSDWORD (Windows)
Number (macOS)
Maximum upstream kilobytes per second.
ContentCachePathStringSets the path to the content cache location on a connected APFS, HFS+, or NTFS file system.

When Drive File Stream restarts, local data in the old content cache will move to the new content cache location. If you delete your custom setting, data will move back to the default location.

The default cache location is:

Windows: %LOCALAPPDATA%\Google\DriveFS
Mac: ~/Library/Application Support/Google/DriveFS

ContentCacheMaxKbytesQWORD (Windows)
Number (macOS)
Sets the limit on content cache size in kilobytes. The limit is capped at 20% of the available space on the hard drive (regardless of the setting value).The setting does not apply to files made available offline or files that are in the process of uploading.

This setting is only available for admins, as an override or host-wide setting.

DefaultMountPointStringWindows: Set the mounted drive letter.
You can use an environment variable to specify the drive letter.

macOS: Set the mounted drive path. You can include tilde (~) or environment variables in the path.

DisableRealTimePresence*DWORD (Windows)
Bool (macOS)
Disables real-time presence in Microsoft Office.

This can also be disabled for organizational units from the Admin console. See step 3 of Deploy Drive File Stream.

ForceBrowserAuth*DWORD (Windows)
Bool (macOS)
Use browser authentication.

If your organization uses security keys or SSO, this setting may resolve sign-in problems.

MinFreeDiskSpaceKBytesQWORD (Windows)
Number (macOS)
Controls the amount of local space used by Drive File Stream's cache. Stops writing content to the disk when free disk space gets below this threshold, in kilobytes.
Proxy settings:
DisableSSLValidation*DWORD (Windows)
Bool (macOS)
This disables validating SSL traffic. Traffic will still be encrypted, but we will not validate that the SSL certificates of the upstream servers are all valid.

Only settable host-wide.

TrustedRootCertsFileStringThis is the full path to an alternate file to use for validating host SSL certificates. It must be in Privacy Enhanced Mail (PEM) format. Set this if your users are on networks with decrypting proxies.

The file should contain the contents of the roots.pem file shipped with Drive File Stream, plus the certificates used to authenticate your proxy. These additions should correspond to the proxy-signing certificates you added to the certificate stores in your fleet of machines.

You can find roots.pem in:

\Program Files\Google\DriveFS\<version>\config\roots.pem
(Windows)

or

/Applications/Google\ Drive\ File\ Stream.app/Contents/Resources/roots.pem
(macOS)

Only settable host-wide.

DisableCRLCheck*DWORD (Windows)
Bool (macOS)
This disables checking Certificate Revocation Lists (CRLs) provided by certificate authorities.

If not explicitly set, this defaults to true if TrustedRootCertsFile is provided, otherwise false. Sites that use self-signed certificates for their content inspection proxies typically don’t provide a CRL.

Enterprises that specify a CRL in their proxy certificate can explicitly set DisableCRLCheck to 0 for the added check.

For boolean values, use 1 for true and 0 for false (Windows), or use true and false (macOS).

Related topics

Source:

https://support.google.com/a/answer/7644837