I wouldn’t think so. I would also assume that direct DNS requests to external servers aren’t allowed in the firewall. But even if they are, they probably can’t use a non-company DNS server if he needs to reach internally hosted services. So it would at least require using different browser for internal and external browsing, assuming DNS requests to external servers really are allowed.
Try DNS sinkholing
If he can’t even install an addon for a browser, what do you think he can do with DNS?
It depends whether or not they left the DNS setting unlocked, which is actually highly likely.
Would have to use a public server, but it should in theory work.
Great.
Now you can be responsible for why group policies arent applying and the user is not able to access drive shares.
Unless they just use Firefox’s proxy settings.
EDIT: It’s not DNS but should still work.
I wouldn’t think so. I would also assume that direct DNS requests to external servers aren’t allowed in the firewall. But even if they are, they probably can’t use a non-company DNS server if he needs to reach internally hosted services. So it would at least require using different browser for internal and external browsing, assuming DNS requests to external servers really are allowed.
Firefox supports DNS over HTTPS. Enabling it will bypass the operating systems DNS. You can set a custom server that has ad blocking.
If they locked down extensions, it’s highly likely they also locked down modifying the DNS settings.