Information
This policy setting determines whether a local switch is configured for DNS interception checks. These checks attempt to discover if the browser is behind a proxy that redirects unknown host names.
Note: This detection might not be necessary in an enterprise environment where the network configuration is known. It can be disabled to avoid additional DNS and HTTP traffic on start-up and each DNS configuration change.
The recommended state for this setting is: Enabled.
Rationale:
Disabling these checks could potentially allow DNS hijacking and poisoning.
Impact:
None - this is the default behavior.
Solution
To establish the recommended configuration via GP, set the following UI path to Enabled
Computer Configuration\Policies\Administrative Templates\Microsoft Edge\DNS interception checks enabled
Note: This Group Policy path may not exist by default. It is provided by the Group Policy template MSEdge.admx/adml that can be downloaded from Microsoft here.
Default Value:
Enabled.