What is the best solution or product to protect from all types of DNS Tunneling attacks?

We can use different approaches that can be effective in protecting against DNS tunneling attacks. One option is to use a network firewall that has the capability to detect and block DNS tunneling traffic. This can be done by setting up rules that block or limit the amount of DNS traffic that is allowed to pass through the firewall. Additionally, you can use a DNS firewall or a DNS security solution, which is specifically designed to detect and block DNS tunneling traffic.

Network Firewalls:

-Palo Alto Networks Next-Generation Firewall
-Fortinet FortiGate Firewall
-Check Point Next-Generation Firewall
-Cisco Firepower Next-Generation Firewall
-Sophos XG Firewall

There are free ones we can try as well. like pfSense, Untangle, ClearOS, VyOS

DNS Security :

-Infoblox DDI
-EfficientIP SOLIDserver DDI
-Men&Mice DDI
-BlueCat DNS Integrity

Cisco Umbrella can protect DNS Tunnel attacks with simple configuration.

Fortigate firewall

Best solution: do not let your internal systems query the Internet directly (i.e. do not forward external DNS queries  to the Internet) and only allow internal systems to contact Internet systems via a proxy system (i.e. defining a explicit HTTP/SOCKS proxy). Endpoint systems that might be remove would then be always on VPN that use the internal resources.

If you do have to let internal systems that query external DNS on the Internet and/or if you have many remote users outside your network you cannot easily control, use a maybe an alternative  use  SASE (such as Zscaler) or if you want to tackle only the DNS problem, consider Infoblox products (e.g. BloxOne Threat Defense, or their DNS firewall). Inflobox will try to block malicious queries in different points based on DNS behaviour + Threat Intelligence information.