What is DNS Filtering?
One technology that aids in ensuring users remain safe is the use of DNS (Domain Name Systems/Services). DNS correlates domain names, like OpenSystems.com, to the matching numeric IP address.
DNS is required when accessing web content. Content cannot load, or access will not be allowed before the DNS process occurs. If the website is on a blocklist, the DNS process is halted, and the request is denied. This makes DNS filtering a useful method for protecting users from malicious sites.
DNS Filtering Stops Attacks Before They Begin
DNS filtering can block a website by domain names and by IP addresses. It helps to ensure cybersecurity by blocking:
- Blocking malicious websites containing ransomware, malware, spyware, viruses, etc.
- Stopping drive-by attacks, which infect the device the moment the website is opened, giving the user no time to react.
- DNS filtering stops attacks before they begin, including drive-by attacks
- Blocking phishing websites, which are fake websites designed to steal user information, including login credentials.
- An example would be a user responding to an email alert from a fake online shopping service or credit card service, stating that they need to access their account and review suspicious activity, thereby capturing login credentials.
- May be illegal
- Compromises an employee’s security credentials
- Violates regulatory compliance
Malicious Websites
Phishing Websites
Websites with Suspicious Content
Blocking websites with suspicious or illegal content prevents users from accidentally accessing a website that contains material that:
- Blocking malicious websites containing ransomware, malware, spyware, viruses, etc.
- Stopping drive-by attacks, which infect the device the moment the website is opened, giving the user no time to react.
- DNS filtering stops attacks before they begin, including drive-by attacks
- Blocking phishing websites, which are fake websites designed to steal user information, including login credentials.
- An example would be a user responding to an email alert from a fake online shopping service or credit card service, stating that they need to access their account and review suspicious activity, thereby capturing login credentials.
Blocking websites with suspicious or illegal content prevents users from accidentally accessing a website that contains material that:
- May be illegal
- Compromises an employee’s security credentials
- Violates regulatory compliance
Download our latest SASE eBook. This new approach to networking comprises a set of truly integrated, cloud-managed security services delivered on-prem or in the cloud with centrally managed security. Learn how to:
- Reduce complexity and operational overhead
- Deliver ease of use/transparency for users
- Enhance security with zero-trust network access
Cybercriminals Can Exploit DNS Vulnerabilities
Cybercriminals are well aware of the safeguards DNS filtering provides and have attacks specifically targeted to exploit DNS vulnerabilities. DNS threats include:
DNS tunneling, which uses SSH, TCP, or HTTP to drill into DNS messaging and pass malware.
DNS hijacking, which directs DNS messaging to a different domain name server with false information intended to redirect users to malicious websites.
DNS spoofing, which returns an IP address that is not the intended website but a website with malicious intent.
Random subdomain, Domain lock-up, NXDOMAIN, and Phantom attacks overload DNS services with a DoS (Denial-of-Service) attack.
While DNS filtering deters cyber-attacks, it is also subject to threats. There are many techniques available to detect and deter DNS attacks.
Using a cloud-based DNS provider is a viable option to ensure your DNS capability is protected. DNS filtering providers have large numbers of name servers distributed across the globe. It would be nearly impossible to mount a successful DDoS attack. Another benefit is that when you add your blocklist to their global blocklist, the result is a very complete and deep list that is updated continually. That ensures greater cybersecurity for users and better protection against sophisticated attacks and malicious websites. Lastly, the burden of protecting and maintaining DNS falls to the provider, not to you.
Open Systems DNS Filtering - Another Layer in the Open Systems Cybersecurity Stack
Contact our customer advocates and learn about the global network of access points/ PoPs and how a cloud-based global DNS filtering service can enhance the cybersecurity posture for your organization.
DNS Filtering FAQ
What is DNS Filtering?
DNS Filtering is the process of using a DNS filter to block and allow certain IP addresses to access an organization’s networks.
What is a DNS Filter?
A DNS filter is a tool that blocks or allows certain domains or IP addresses on networks. DNS filters are usually a part of a whole cybersecurity strategy to effectively eliminate cyber threats.
What does DNS stand for in DNS Filtering?
In terms of DNS filtering, DNS stands for Domain Name System.
How does DNS Filtering work?
The DNS filtering system compares IP addresses with domain names to make sure that they match. It also compares them to either an “allow” or “block” list to see if both the domain and IP address are allowed onto the company network. If it isn’t allowed, the DNS filtering system will block users from accessing the domain and IP address.
Why is DNS Filtering important?
DNS filtering plays a few different important roles in an organization’s cybersecurity:
- 24×7 Security – Open Systems DNS filtering works 24×7 with locations all around the globe to provide companies with the assistance they need at any moment.
- Policy Enforcement – DNS filtering provides a simple solution to help users follow company policy and prevent them from accessing blocked, harmful, or innappropriate content.
- Comprehensive Device Protection – DNS filtering assures that every allowed device that connects to the company’s network is protected.
