You can import local RPZs (Response Policy Zones) and their rulesets using the CSV Import feature. When you import local RPZs using this feature, you must specify three new columns, priority, rpz_policy, and substitute_name with relevant values, whereas importing an RPZ ruleset requires specifying the value for parent RPZ in the parent_zone column, as mentioned in the following tables. For a local RPZ, CSV import supports all the values that are listed in Authoritative Zone along with the three new columns. However, for RPZ rulesets it supports the values that are listed in CNAME Record along with a new column parent_zone.
For example, if you want to add a new local RPZ, JKL.INFO and substitute this domain with JKI.NET, then you must mention the priority, rpz_policy, and substitute name as follows:
...
A | B | C | D | E | F |
|---|---|---|---|---|---|
HEADER- RESPONSEPOLICYCNAMERECORD | FQDN* | CANONICAL_NAME | DISABLED | PARENT_ZONE | VIEW |
RESPONSEPOLICYCNAMERECORD | CLARITY.ABC.NET | CLEAR.IN | FALSE | NET.ABC | DEFAULT |
RESPONSEPOLICYCNAMERECORD | ARM.ABC.NET | FALSE | NET.ABC | DEFAULT |
Example of an A Record CSV format:
A | B | C | D | E | F |
|---|---|---|---|---|---|
HEADER- RESPONSEPOLICYARECORD | ADDRESS* | FQDN* | DISABLED | PARENT_ZONE | VIEW |
RESPONSEPOLICYCNAMERECORD | 10.32.2.1 | PQR.ABC.NET | FALSE | NET.ABC | DEFAULT |
Example of an RPZ Policy IP Address:
A | B | C | D | E | F |
|---|---|---|---|---|---|
HEADER- RESPONSEPOLICYIPADDRESS | FQDN* | CANONICAL_NAME | DISABLED | PARENT_ZONE | VIEW |
RESPONSEPOLICYIPADDRESS | 10.1.2.3.ABC.NET | 10.1.2.3 | FALSE | NET.ABC | DEFAULT |
Example of an RPZ Policy Client IP Address:
...