Block AI tools at the DNS layer before a single TCP connection is made. Import 16,024+ classified domains into Umbrella destination lists and enforce across every network and roaming client.
A device queries chat.openai.com. The query hits Umbrella's recursive resolver before any connection starts.
Umbrella checks the domain against your destination list. If it matches, the block policy fires instantly.
Umbrella returns a block page IP. No TCP session, no TLS handshake, no data leaves the network.
HTTPS, WebSocket, gRPC — any protocol that starts with a DNS lookup is blocked. No deep packet inspection or TLS decryption required.
Covers every device on your DNS infrastructure — IoT, printers with AI integrations, and unmanaged personal devices on corporate Wi-Fi.
Umbrella's roaming client enforces DNS policies off-network. Employees at coffee shops or home get the same AI restrictions as HQ.
Umbrella's built-in AI categories lag months behind the market. New AI tools launch daily on obscure domains that no vendor classifies in real time.
16,024+ AI-tool domains, classified into 18 functional categories, updated every 24 hours from a corpus of 102 million scanned domains. Every new AI tool we detect is automatically blocked within a day of discovery.
Destination lists are named domain collections referenced by DNS policies. Populate one with AI-tool domains and attach it with a block action.
When Umbrella's resolver processes a query matching any domain on the list, it enforces your policy action instead of returning the real DNS answer.
Block and Allow list types supported
Up to 60,000 entries per list (most packages)
Category-filtered feeds for lower-limit packages
Management API for bulk import (required for 16,024+ domains)
Go to Policies > Policy Components > Destination Lists and click Add.
Name it "AI Tools Blocklist", set type to Block, and save.
For 16,024+ domains, use the Management API. The script below automates the full workflow.
The script authenticates via OAuth2, downloads domains from our feed, and populates the list in batches of 500. Once complete, the destination list is immediately available for DNS policies.
DNS policies define what happens when a query matches your destination list. Policies are evaluated in priority order — first match wins.
Navigate to Policies > DNS Policies and click Add. Configure four components: identity, destination list, action, and block page.
DNS returns a block page IP — no connection is ever established. Recommended for high-risk AI categories.
Users see a warning but can proceed. Ideal for transition periods. All proceed-through events are logged.
DNS resolves normally, but every query is logged. Use for audit phases or lower-risk AI categories.
Umbrella evaluates policies from highest priority (lowest number) to lowest. Use this to layer nuanced controls:
Data scientists get full access, engineers see a warning, and everyone else is hard-blocked. First-match behavior makes this straightforward without complex boolean logic.
Umbrella integrates with Active Directory, SAML providers, and its roaming client for per-group AI blocking policies.
Block all AI tools to prevent confidential document exposure.
Allow image generation tools, block text AI and code assistants.
Unrestricted access for threat research and tool evaluation.
Install the Umbrella AD Connector on a domain controller. It reads group memberships and maps them to Umbrella identities automatically.
Map your policy to groups: "AI-Blocked-Users", "AI-Warned-Users", and "AI-Allowed-Users". Reference these as identities in your DNS policies.
Create separate destination lists per AI category using our filtered API endpoints. Apply different combinations per department policy.
Each category list becomes a separate destination list. Finance blocks text-language, code-development, and agents-automation. Design blocks only text and code, allowing image tools.
The Umbrella roaming client redirects DNS queries to Umbrella's anycast resolvers when devices leave the corporate network. AI tool blocks remain enforced at airports, home networks, and coffee shops. The client reports device identity, so identity-based policies work off-network too.
A static destination list decays within days. Automated synchronization keeps your blocklist current as new AI tools appear.
The script below runs as a daily cron job — it downloads the latest feed, diffs against existing domains, and adds only new entries.
# Cron entry: run the Umbrella sync script daily at 3:00 AM 0 3 * * * /usr/bin/python3 /opt/scripts/umbrella_ai_sync.py >> /var/log/umbrella-sync.log 2>&1
On a typical day, only a few dozen new domains are added. The initial run loads the full set; subsequent runs sync only diffs.
Understanding which tools employees attempt to access informs policy decisions and provides compliance evidence.
Filter by your destination list to see all blocked DNS queries. Shows domain, identity, timestamp, and triggering policy.
Aggregates blocked domains by volume. Major chatbots top the list, followed by a long tail of specialized tools.
Shows which users or groups generate the most blocks. Identifies departments needing training or legitimate AI access.
For SIEM integration, the Reporting API provides programmatic access to block event data. The example below pulls the last 24 hours of AI-related blocks.
50+ blocks/hour from one user (circumvention attempt)
New domain appearing for the first time (trending tool)
Department spike after internal AI tool announcement
DNS-layer blocking is highly effective, but sophisticated users can attempt to bypass it. These configurations close the gaps.
Modern browsers encrypt DNS queries via DoH, bypassing Umbrella entirely. Close this vector:
Block outbound port 443 to known DoH resolvers (1.1.1.1, 8.8.8.8) at the firewall
Block port 853 (DoT) entirely
Chrome: set DnsOverHttpsMode to "off" via GPO/MDM
Firefox: set network.trr.mode to 5 via enterprise policy
Deploy the Umbrella roaming client — it intercepts system-level DoH
Enable Umbrella's native "Artificial Intelligence" category as a baseline layer, then overlay your AI Tools Blocklist destination list for comprehensive coverage. If a domain is missing from one source, the other catches it.
Enable Umbrella's intelligent proxy for full URL inspection on risky domains. This allows blocking specific URL paths (e.g., example.com/ai-assistant) while allowing the rest of a shared domain.
Umbrella's intelligent proxy performs SSL decryption for proxied domains. This is only needed for URL-path-level blocking on shared domains — not required for standard domain-level blocking. Deploy the Umbrella root CA to all devices via GPO/MDM if enabled.
For layered defense, deploy the same feed to your Palo Alto firewall for inline inspection and to Umbrella for DNS enforcement. The firewall catches hardcoded IPs; Umbrella catches roaming and split-tunnel VPN traffic.
Tell us about your Umbrella deployment and we will help you configure AI tool blocking with our domain feed. Include your approximate user count and Umbrella package tier.
Tell us your requirements and we will prepare a tailored domain feed for your organization.