ceven

Dnsfilter

Automates network security policy updates, monitors for suspicious domain activity, and manages IP address assignments across your organization.

Try Dnsfilter in Ceven

Ask Ceven anything
Standard

Why use Ceven?

  1. AI native Dnsfilter integration

    • Describe the outcome and Ceven picks the right Dnsfilter calls, fills the parameters, and checks the result.
    • Structured, agent friendly tool schemas so each call runs reliably instead of by guesswork.
    • Rich coverage for reading, writing, and querying your Dnsfilter data, across all 170 of its actions.

  2. Managed auth

    • Built in OAuth with automatic token refresh and rotation.
    • One place to manage, scope, and revoke Dnsfilter access.
    • Per user and per environment credentials instead of shared keys.

  3. Agent optimized design

    • Actions are tuned from real success and error rates so reliability climbs over time.
    • Full execution logs so you always know what ran in Dnsfilter, when, and on whose behalf.
    • The agent pauses and asks when Dnsfilter is unclear instead of plowing ahead.

  4. Enterprise grade security

    • Fine grained access so you control which agents and people can reach Dnsfilter.
    • Least privilege by default, read scopes first and only the writes a workflow needs.
    • A full audit trail of every Dnsfilter action to support review and sign off.

Supported tools

Every action Ceven's agents can run on Dnsfilter, and when to use it.

Create IP Address
Use this when you need to register a new IP address after confirming the target network ID exists.
Get Application Category
Pull basic information for a specific application category using its ID.
Get Billing Information
Retrieve organization billing details for financial reporting or automation tasks.
Get Category
Pull details for a specific filtering category by its unique ID.
Get IP Address
Fetch metadata for a particular IP address after authentication.
List All Categories
Pull the complete set of filtering categories including internal ones.
List All IP Addresses
Retrieve a comprehensive list of all user associated IP address entries.
List All MAC Addresses
Pull all MAC address entries and basic device information for the organization.
List Application Categories
Retrieve all available application categories for policy mapping.
List Applications
Pull a list of all applications monitored within the DNSFilter organization.
List Block Pages
Retrieve all active block pages for review or content updates.
List Invoices
Pull paginated invoice data for an organization starting with the most recent.
List Networks
Retrieve all network configurations associated with your organization.
List Organizations
Pull all organizations tied to the authenticated account.
Suggest Domain Threat
Submit a fully qualified domain name as a potential threat for verification.
Validate Auth0 JWT
Confirm a token is valid before executing further API calls.
List Categories
Tool to list categories with basic information. use when retrieving all dnsfilter categories for policy configuration.
List IP Addresses
Tool to list user associated ip addresses basic information. use when you need to retrieve paginated ip address records filtered by location or device after authentication.
List MAC Addresses
Tool to list mac addresses associated with an organization. use when you need to retrieve basic mac address information, optionally filtered by organization or paginated.

19 actions · scroll to see them all

Frequently asked questions

Ceven connects to DNSFilter using secure API credentials that are encrypted at rest. The agent uses these credentials to request short lived access tokens, ensuring that your primary secrets are never exposed in the workflow logs. For environments requiring higher security, the agent can utilize the Auth0 JWT validation tool to ensure every request is signed and authorized. You can rotate your API keys in the DNSFilter dashboard at any time, and Ceven will prompt you to update the connection if it detects a 401 unauthorized error during a workflow run. This ensures a secure bridge between your security policies and your automation layer.
Ceven uses the Suggest Domain Threat tool to flag suspicious URLs. Because DNSFilter operates as a managed security service, some threat classifications require a brief verification period by their security team before the block is global. However, by automating the suggestion process, you eliminate the manual work of reporting threats. The agent can monitor the status of these suggestions and notify you the moment a domain is officially categorized as a threat. This allows your team to focus on incident response rather than the tedious task of manually entering URLs into a block list one by one.
Ceven can manage as many IP addresses as your DNSFilter license allows. However, users should be aware of the DNSFilter API rate limits which can trigger if you attempt to bulk create thousands of IP addresses in a single minute. To prevent this, Ceven implements a smart queuing system that staggers API calls to stay within the allowed thresholds. If you have an exceptionally large environment, we recommend using the paginated list tools to process records in batches. This ensures that your security automation remains stable and does not get throttled during critical network migrations or security events.
The agent pulls data from both the List IP Addresses and List MAC Addresses endpoints. By correlating the IP address with the MAC address and the associated network ID, Ceven can build a detailed map of which device is generating specific traffic. This information can then be pushed into your ticketing system or HR directory to find the exact user assigned to that hardware. This removes the guesswork from network forensics and allows your security team to contact the right person immediately when a device triggers a high risk category block or a known threat alert.
Yes. The agent can pull your full invoice history and current billing information. You can set up a monthly workflow that retrieves the most recent invoices and compares the number of protected users against your actual employee count in your HR system. This helps you identify over provisioning or unexpected spikes in usage that might indicate a configuration error or an unauthorized network expansion. The agent can then summarize these findings in a report and send it to your finance team, ensuring you only pay for the seats you actually use.
Ceven can read all current categories and application categories to provide a full audit of your security posture. While the API allows for the retrieval of category details, some deep policy modifications are restricted to the DNSFilter web console for safety reasons. Ceven solves this by identifying the gaps in your current categories and providing you with a direct link or a set of instructions to make the change. This hybrid approach ensures that your network remains secure while still leveraging the power of AI to find the blind spots in your current content filtering strategy.
Ceven employs a robust retry logic with exponential backoff. If the DNSFilter API returns a temporary error, the agent will wait a few seconds before trying again. If the error persists, such as a 404 not found when looking for a specific IP, the agent will catch the exception and provide a clear explanation in the workflow logs. For example, it will tell you exactly which IP address was missing rather than failing the entire process. This allows other parts of the workflow to continue running, ensuring that one missing record does not stop your entire security automation pipeline.
Yes. By using the List Organizations tool, Ceven can identify all accounts tied to your authenticated user. You can build workflows that iterate through multiple organizations to ensure policy consistency across different branch offices or client sites. This is particularly useful for managed service providers who handle DNS security for several different companies. The agent can check if a specific threat is blocked across all organizations and flag any that are missing the update, ensuring that a security hole in one location does not leave your entire client base vulnerable to the same attack.

Alternatives to Dnsfilter

Other tools that solve a similar problem. Ceven supports these too, so you can switch or run more than one at once.

Cisco Umbrella logoCisco UmbrellaCloudflare Gateway logoCloudflare GatewayNextDNS logoNextDNS

Try Ceven on your stack

Plug Ceven on top of the tools you already run. Connect Dnsfilter and the rest of your stack, describe the outcome, and its agents handle the work end to end, days of it in minutes.

Get started for free