DNS Group Objects

Domain Name System (DNS) groups define a list of DNS servers and some associated attributes. DNS servers are needed to resolve fully-qualified domain names (FQDN), such as www.example.com, to IP addresses. You can configure different DNS group objects for management and data interfaces.

FDM-managed devices must have a DNS server configured prior to creating a new DNS Group Object. You can either add a DNS Server to the Firepower Threat Defense Device Settings in Cisco Defense Orchestrator (CDO) or create a DNS server in firewall device manager and then sync the FDM-managed configuration to CDO. To create or modify the DNS server settings in firewall device manager, see Configuring DNS for Data and Management Interfaces in the Cisco Firepower Device Manager Configuration Guide, Version 6.4. or later.