Add DNS policy partial

src/content/docs/cloudflare-one/policies/gateway/initial-setup/dns.mdx

@@ -25,7 +25,7 @@ To filter DNS requests from an individual device such as a laptop or phone:
 
 1. [Install the WARP client](/cloudflare-one/connections/connect-devices/warp/deployment/) on your device.
 2. In the WARP client Settings, log in to your organization's <GlossaryTooltip term="team name">Zero Trust instance</GlossaryTooltip>.
-3. (Optional) If you want to display a [custom block page](/cloudflare-one/policies/gateway/block-page/), [install the Cloudflare root certificate](/cloudflare-one/connections/connect-devices/user-side-certificates/) on your device.
+3. (Optional) If you want to display a [custom block page](/cloudflare-one/policies/gateway/block-page/), [install a Cloudflare root certificate](/cloudflare-one/connections/connect-devices/user-side-certificates/) on your device.
 
 ### Connect DNS locations
 
@@ -44,20 +44,16 @@ Gateway identifies locations differently depending on the DNS query protocol:
 
 ## 2. Verify device connectivity
 
+To verify your device is connected to Zero Trust:
+
 <Render
 	file="gateway/verify-connectivity"
 	params={{ one: "DNS", two: "queries" }}
 />
 
-## 3. Add recommended policies
-
-To create a new DNS policy, go to **Gateway** > **Firewall policies** > **DNS** in Zero Trust. We recommend adding the following policy:
-
-### Block all security categories
-
-Block [known threats](/cloudflare-one/policies/gateway/domain-categories/#security-categories) such as Command & Control, Botnet and Malware based on Cloudflare's threat intelligence.
+## 3. Create your first DNS policy
 
-<Render file="gateway/policies/block-security-categories" />
+<Render file="gateway/get-started/create-dns-policy" />
 
 ## 4. Add optional policies
 

src/content/docs/learning-paths/secure-internet-traffic/build-dns-policies/create-policy.mdx

@@ -11,17 +11,4 @@ DNS policies determine how Gateway should handle a DNS request. When a user send
 
 You can filter DNS traffic based on query or response parameters (such as domain, source IP, or geolocation). You can also filter by user identity if you connect your devices to Gateway with the [WARP client or Cloudflare One Agent](/learning-paths/secure-internet-traffic/connect-devices-networks/install-agent/).
 
-To create a new DNS policy:
-
-1. In [Zero Trust](https://one.dash.cloudflare.com/), go to **Gateway** > **Firewall policies**.
-2. In the **DNS** tab, select **Add a policy**.
-3. Name the policy.
-4. Under **Traffic**, build a logical expression that defines the traffic you want to allow or block.
-5. Choose an **Action** to take when traffic matches the logical expression. For example, we recommend adding a policy to block all [security categories](/cloudflare-one/policies/gateway/domain-categories/#security-categories):
-   <Render
-   	file="gateway/policies/block-security-categories"
-   	product="cloudflare-one"
-   />
-6. Select **Create policy**.
-
-For more information, refer to [DNS policies](/cloudflare-one/policies/gateway/dns-policies/).
+<Render file="gateway/get-started/create-dns-policy" product="cloudflare-one" />

src/content/partials/cloudflare-one/gateway/get-started/create-dns-policy.mdx

@@ -0,0 +1,20 @@
+---
+{}
+---
+
+import { Render } from "~/components";
+
+To create a new DNS policy:
+
+1. In [Zero Trust](https://one.dash.cloudflare.com/), go to **Gateway** > **Firewall policies**.
+2. In the **DNS** tab, select **Add a policy**.
+3. Name the policy.
+4. Under **Traffic**, build a logical expression that defines the traffic you want to allow or block.
+5. Choose an **Action** to take when traffic matches the logical expression. For example, we recommend adding a policy to block all [security categories](/cloudflare-one/policies/gateway/domain-categories/#security-categories):
+   <Render
+   	file="gateway/policies/block-security-categories"
+   	product="cloudflare-one"
+   />
+6. Select **Create policy**.
+
+For more information, refer to [DNS policies](/cloudflare-one/policies/gateway/dns-policies/).