The Domain Name System (DNS) makes it possible for users to access websites using domain names, like wikipedia.org, in place of nine-digit IP addresses. DNS filtering means using DNS to block access to selected websites.
How does DNS filtering work?
Let’s review the basics in simple words. Every domain purchased from a domain register and hosted gets assigned a unique IP address that will allow that site to be located. Imagine an internal “phonebook” where each unique IP address is linked to a domain. Whenever you try to reach a website, a DNS query is automatically generated and your DNS server starts looking up the domain or IP address in the internal “phonebook” we mentioned above. From there, the page can be loaded.
If you have DNS filtering in place, things get a little more complicated during the query. Instead of the server simply returning the IP address as long as the website exists, the request gets subjected to a few extra controls to help ensure the site is safe, and access is permitted through your organization.
In this case, the DNS server uses blocklists—as well as previous crawls of new sites—to determine if access to the one in question is permitted. If the site hasn’t been crawled or categorized before, the server will assess the web content in real time to determine if it is malicious or otherwise violates predefined policies. If this is the case, instead of connecting, the browser will redirect to a local IP address displaying a block page that explains why the desired site cannot be accessed. Alternatively, some companies choose an opposite approach creating specific allowlists. In that case, DNS filtering will block any IP address or domain not explicitly on the list.
Reasons to use DNS filtering
- Strengthen a company’s default level of cybersecurity
Although there’s no way to ever completely eliminate the chances of a user connecting to a malicious site—bad actors are constantly creating new web pages that have yet to be reviewed and marked, meaning they have a better chance of slipping through—it is possible to block the vast majority of threats.
- Keep your employees from accessing certain categories of websites for productivity or regulatory purposes
By creating an acceptable usage policy (AUP) and setting it up with your ISP, you can keep users from accessing everything from gaming and gambling sites to social media and adult content sites while on your network.
If this information is helpful to you read our blog for more interesting and useful content, tips and guildelines on similar topics. Contact the team of COMPUTER 2000 Bulgaria now if you have a specific question. Our specialists will be asiisting you with your query.
Content curated by the team of COMPUTER 2000 on the bases of marketing materials provided by our partners/vendors.
Follow us to learn more
CONTACT US
Let’s walk through the journey of digital transformation together.