Install DigitalStakeout Securd Client for Windows

Install DigitalStakeout PDNS Client for Windows

The DigitalStakeout PDNS client enables on/off network windows clients to be protected by DigitalStakeout PDNS, while being able to access internal resources.

Supported Operating Systems

Supports Windows 7, 8, 8.1, 10, Server 2008, Server 2012, Server 2016, Server 2019 with .NET Framework 4.5
 
Required Firewall Ports

HTTPS (TCP/443) outbound

HTTPS (TCP/8443) outbound

DNS (TCP/UDP 53) outbound
 
Required IP Ranges

IPv4: 142.202.107.1-142.202.107.8
IPv6: 2620:82:6000:1-2620:82:6000:8
 
Download DigitalStakeout PDNS Client for Windows

Download Windows Client 64-bit (amd64)

Download Windows Client 32-bit (i386)


Installing the DigitalStakeout PDNS Client

The DigitalStakeout PDNS Client is a Microsoft Installer (MSI) package and its very simple to install.

Installing the client requires a virtual site installation key found at Protection > Virtual Sites.
 
Each Virtual Site Maps to a Security Policy

Each virtual site maps to a policy. This allows for you to apply different policies to different classes of devices.

Once you successfully install the client, it will be listed your company's Devices inventory.

Serial: NEE9JEK9EDE9KDE9, Hostname: DESKTOP-4D0ELEDL0L, Securd Client: 1.1.0.28, OS: windows, Manufacturer: Dell Inc., Version: Microsoft Windows 10 Pro, Model: Inspiron 3531, IP4 Address: 192.168.1.10, IP6 Address: 2600..., Public IP4 Address: 1.2.3.4, Public IP6 Address: 2600..., Mac Address(s) ["12:...","22...","10..."], Username: ["JohnDoe"], Current NS: dns2-iad.securd.com, Current Protocol: dnscrypt/udp, Last Update: 2020-09-14 20:12:28

 
Silent Install for the DigitalStakeout PDNS Client

msiexec.exe /i "Securd.DNS-Client.amd64-1.6.0.62.msi" /qn INSTALLKEY="xxxxxxx"

 
Registry Options for the Securd DNS Firewall Client

Location: Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Securd\DNS Firewall Client

Address4 (REG_SZ - defaults to 127.0.53.1)
This is the IPv4 local address the dns-client listens on.

Address6 (REG_SZ - defaults to fd00::53:1)
This is the IPv6 local address the dns-client listens on.

Disable6 (REG_SZ - Disabled by Default / 1 to Enable - 0 to Disable)
Disable dns queries over IPv6.

AutoConfigure (REG_SZ - Enabled by Default / 1 to Enable - 0 to Disable)
Enables/Disables Interface Nameserver changes to Securd dns-client addresses.

Ignore4 (REG_SZ - Comma seperated list of nameservers.)
Do not change dns servers set to these IPv4 addresses.

Ignore6 (REG_SZ - Comma seperated list of nameservers.)
Do not change dns servers set to these IPv6 addresses.

IgnoreAdapters (REG_SZ - Comma seperated list of adapter names.)
Do not change dns servers on these adapters.

ExcludePrefer (REG_SZ - Prefer IPv4 or IPv6 Exclude Suffix Nameserver)
4 - Prefer IPv4
6 - Prefer IPv6
46 - Prefer Higher Metric with Tie Prefering IPv4
64 - Prefer Higher Metric with Tie Prefering IPv6

InstallKey (REG_SZ)
Obtained from Securd administrative interface and used to authorize client.

NameServer (REG_SZ - Comma seperated list.)
Static nameserver list to override system nameservers for Exclude Suffix lookup.

Debug (REG_SZ - Disabled by Default / 1 to Enable - 0 to Disable)
Enable debug logging.

MonitorMultiuser (REG_SZ - Disabled by Default / 1 to Enable - 0 to Disable)
Run monitor per user on multiuser RDSH servers.

AutoUpdate (REG_SZ - Enabled by Default / 1 to Enable - 0 to Disable)
Automatically update dns-client.

    • Related Articles

    • Point Windows DNS to DigitalStakeout PDNS

      Getting started with Windows (Agent and Agentless) DigitalStakeout PDNS currently supports Windows 7, 8, 8.1, 10, Server 2008, Server 2012, Server 2016, and Server 2019 with .NET Framework 4.5+. Required Ports DigitalStakeout PDNS endpoints will ...
    • Forward Windows DNS Server Queries to DigitalStakeout PDNS

      Before Your Begin Forwarding DNS Queries You should have the DNS role installed. To install the DNS role, please see one of the following articles: https://docs.microsoft.com/en-us/windows-server/networking/dns/dns-top You should also have a Static ...
    • Install the DigitalStakeout PDNS Root Certificate Authority

      When DigitalStakeout PDNS blocks access to a domain, we do not provide the browser an IP address. This is the intended behavior of blocking access to a domain. To prevent confusion, we redirect blocked domains to a block page. If the redirect happens ...
    • DigitalStakeout PDNS URL Proxy

      DigitalStakeout PDNS URL Proxy analyzes web traffic for high risk URLs. It examines the domain and full URL of request to determine if it is a threat. The targeted proxy performs HTTPS security analysis of good sites that are exploited to deliver ...
    • Enabling DNSSEC in DigitalStakeout PDNS

      DNSSEC (Domain Name System Security Extensions) is a security protocol that provides authentication for DNS data. It is used to protect the internet's global Domain Name System (DNS) infrastructure from various types of attacks, such as spoofing and ...