DNS Firewall: What Is It & Why Should You Have One?

What's DNS? 

Simply put, DNS is the GPS of the internet. This massive directory houses those easy-to-remember URLs (IE: www.threatSTOP.com) and translates them into those not-so-easy-to-remember IP addresses. Why is it such a big deal? Your device only understands and accesses websites through this unique IP language. It allows browsers to connect with websites -- The core component to the internet’s role and functionality.

Obviously, protecting these addresses is huge. If malware can infiltrate your network through a gap in its security, it can take down your entire system. (and everything with it) With the most infamous of recent examples, the DDoS attacks on Dyn (that DNS service company), hackers utilized botnets to misdirect the all-knowing GPS of the internet. By targeting a DNS server company like Dyn, malware made its websites unreachable by overwhelming it with requests it can’t complete. This attack that took down massive sites, including Twitter and Amazon, shows just how critical DNS is to a stable, secure internet world.

Got It. Sounds Serious. So, How Can We Protect It?

How does malware turn thousands of devices into a botnet of malicious software? Threat actors are looking for any open door (or tiny cracked window) into your network. They intently scan and gauge your network to pick up on these vulnerable holes in your security. If a breach can happen as easily as a simple phishing email or accidentally clicking an infected website page, how can you take control? To the rescue: DNS Firewalls. Essentially, it blocks outbound traffic and requests. Every interaction on the web involves DNS and malware can’t touch your data without access to it. It’s a simple solution to a vital issue.

ThreatSTOP’s DNS Firewall Service delivers curated threat intelligence to user-defined policies, stopping the attacks heading to your DNS server. Sound cool, but how does it actually work? You always have the latest intelligence: We take our security research and integrate it automatically into the platform. Your DNS server becomes your DNS firewall with no added hardware or software. It’s compatible with Windows Server 2016 and scales to protect your entire network, no matter the size.

When the University of Baltimore wanted to beef up their security and still keep their open, academic sharing network, they utilized ThreatSTOP’s DNS Firewall Service to get a little more peace of mind. Since a university’s open environment is a gateway for cyber-attacks, security is huge.

“ThreatSTOP eliminated manual blacklisting and remediation, reducing help desk tickets related to malware by 90%,” Mike Conners, IS Analyst at University of Baltimore.

In our IoT world, these threats are the new reality. Every machine and device is vulnerable – We just need to take the right steps to protect them, prevent a costly breach and sleep a little better at night.

If you’re interested learning more about ThreatSTOP’s DNS Firewall Service, please contact us for more information or a free trial here.

Share this: