Securing all the network traffic is a must these days and even the recent recommendation from UK’s National Cyber Security Centre (NCSC) supports this claim. According to their claims, both private and government organizations should use Protective DNS solutions. Similar recommendations were published by the NSA last year.
The DNS traffic accompanies nearly all the rest of the network traffic. By analyzing all the communication, it is possible to identify threats even on devices that are hard to protect, such as (I)IoT devices. One of the least intrusive ways how to achieve this is by analyzing the DNS traffic. Protective DNS solutions block malicious sites, such as domains distributing malware, command and control (C&C) domains, and domains used in phishing campaigns.
Features a Protective DNS solution needs to offer
A good solution according to NCSC needs to prevent users within the protected environment to access malicious domains. One of the ways to achieve this is by having both Allow and Block lists. For the Block list, it is imperative to feed it with multiple sources of categorized threat intelligence feeds.
Just blocking the page is not enough. Administrators need to have an option to create a customized “Blocking page” to inform the users why they are unable to visit the website.
The solution has to protect both users that are in the protected network and those that work remotely ensuring that their devices always resolve DNS queries through the company’s resolvers.
Whalebone solutions meet all of NCSC’s criteria and more. With quick and very user-friendly implementation you can start in no time. Request a trial and you can try it yourself.
