DNS filtering protects from malicious online threats such as viruses, malware, ransomware, phishing attacks, and botnets. The Domain Name System (DNS) allows us to use the Internet by remembering names instead of random numbers in an IP address. Computers can translate friendly domain names into machine-readable IP addresses using DNS to transfer information from websites, email servers, and file servers to your web browser or email client. Passwords are hard enough to remember – imagine if we had to remember IP addresses instead of domain names. 

Even though the concept of DNS filtering is simple to understand, you might have some misconceptions about a DNS filter that could affect getting it to work safely and reliably. We’ve collected a list of the most common issues IT professionals face when securing their DNS infrastructure.

WebTitan is a high performer in business DNS filtering customer reviews.

4 Myths About DNS Filtering

Myth 1: "DNS filtering isn’t as Effective as Endpoint Antivirus (AV)."

Antivirus software installed on endpoints is also a must-have, but antivirus software can only detect known viruses while it’s running – and end users are notorious for turning off antivirus and the local firewall on their computers to avoid sluggish performance. Bypassing antivirus and the operating system firewall are two of the most significant risks with endpoint antivirus software. Managing this isn’t always as simple as enforcing domain policies, as anyone with higher-level privileges also bypasses antivirus software and firewalls. Also, most antivirus vendors give administrators limited control over the types of content they block. Antivirus software only looks for potential threats but doesn’t block inappropriate content such as porn, gambling, politics, or social media.

Small businesses must also contend with piracy and employees using corporate resources for illegal material shared with other users or via torrents. If a user hosts pirated movies from your organization’s IP address, the small business owner could be liable for copyright infringement. Some pirated content contains trojans or other types of malware, which can introduce ransomware or botnet software used in distributed denial-of-service (DDoS) attacks.

Web-delivered malware can affect the entire business. If LockBit, CryptoLocker, WannaCry, Bad Rabbit, or Petya destroys a shared drive containing overtime logs or customer invoices, it’s impossible to recover without a disaster recovery plan with backups. Even with backups, most businesses lose some data to ransomware and pay the ransom for the encryption key to files. Some malware lays dormant for years until an event or user interaction triggers it. Advanced persistent threats remain in the local environment and silently steal data.

A DNS filter will not prevent all these threats, but having multiple layers of security lowers the risk of a compromise. It would be best to have DNS filtering, spam filtering, endpoint antivirus and antimalware, firewall rules for outbound and inbound traffic, patched software, regular, reliable backups, and a security-trained workforce. Layered security forces attackers to bypass multiple defenses before delivering their payload.

Myth 2: "DNS filtering is Too Complicated for my Small Business."

The technology powering DNS filters might be complex but integrating them is convenient. The process of a DNS filter can be broken down into three steps:

  1. Query: You type a domain into the browser, triggering a DNS query.
  2. Lookup: The DNS server assigned to your network interface—usually provided automatically by the ISP or local domain DHCP server—receives the request and looks up the IP address linked to that domain.
  3. Response: If the domain name exists, the corresponding IP address is returned, and your browser then uses that IP address to communicate directly with the web server for that domain (and usually caches it for future reference).

Once the DNS reply with the IP address for the domain name is received, DNS is no longer involved in communications between your browser (or other application software) and the server. Note that navigating to another URL or website triggers another DNS query.

Injecting a DNS filter between requests and replies identifies malicious domains and protects users from phishing sites, botnets, and other risky websites, including inappropriate content. Employees are blocked from accessing sites hosting malicious content by using DNS security with a database of categorized websites. The filter returns a local IP address to deliver a block page for forbidden sites.
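
The filtering step described above, as an added example (not WebTitan's code and not part of the original page): it reads the domain from a raw DNS query, checks it and its parent domains against a category list, and answers blocked A queries with a block-page address. The category entries, `BLOCK_PAGE_IP` and all function names are assumptions made for illustration.

```python
import socket
import struct

# Constructed sample data; a real filter uses a vendor-maintained category database.
CATEGORY_DB = {"phish.example": "phishing", "casino.example": "gambling"}
BLOCKED_CATEGORIES = {"phishing", "gambling"}
BLOCK_PAGE_IP = "192.0.2.10"  # hypothetical local block-page server


def parse_qname(packet, offset=12):
    """Read the question name that follows the 12-byte DNS header."""
    labels = []
    while True:
        length = packet[offset]
        if length == 0:
            return ".".join(labels).lower(), offset + 1
        if length > 63:  # compression pointers do not belong in a question
            raise ValueError("unexpected label length")
        labels.append(packet[offset + 1:offset + 1 + length].decode("ascii"))
        offset += 1 + length


def categorize(domain):
    """Match the domain, then each parent domain, against the database."""
    parts = domain.split(".")
    for i in range(len(parts)):
        category = CATEGORY_DB.get(".".join(parts[i:]))
        if category:
            return category
    return None


def filter_query(packet):
    """Return a response for a blocked domain, or None to forward upstream."""
    txid, _flags, qdcount = struct.unpack("!HHH", packet[:6])
    if qdcount != 1:
        raise ValueError("expected exactly one question")
    name, end = parse_qname(packet)
    (qtype,) = struct.unpack("!H", packet[end:end + 2])
    if categorize(name) not in BLOCKED_CATEGORIES:
        return None
    answer = b""
    if qtype == 1:  # A query: answer with the block page address, TTL 60
        answer = struct.pack("!HHHIH", 0xC00C, 1, 1, 60, 4) + socket.inet_aton(BLOCK_PAGE_IP)
    # Other types (e.g. AAAA) get an empty answer rather than a real address
    header = struct.pack("!HHHHHH", txid, 0x8180, 1, 1 if answer else 0, 0, 0)
    return header + packet[12:end + 4] + answer


def build_query(domain, qtype=1, txid=0x1234):
    """Build a minimal query packet (constructed test input)."""
    qname = b"".join(bytes([len(p)]) + p.encode() for p in domain.split("."))
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    return header + qname + b"\x00" + struct.pack("!HH", qtype, 1)
```

Subdomains of a blocked domain are blocked too, and a blocked name queried for a record type other than A gets an empty answer, so an AAAA lookup does not slip past the filter.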

The DNS filter’s event logging shows information about domain lookups but does not log domains users visited. You’ll need a fast local proxy to log web traffic for that level of detail. For most small-to-medium-sized businesses, this is unnecessary. For larger organizations, there are often valid reasons for including a local web filter and proxy that justify the extra expense and IT personnel overhead.

Myth 3: "DNS Web Filtering is Easy to Bypass."

Administrators implement DNS web filtering by setting the web filter’s address as the primary DNS server handed out by the DHCP server. Provided users cannot change their primary DNS server, they should be blocked from most web-delivered malware. DNS filtering systems also let administrators block other sites, including social media, streaming services, and other inappropriate content.

  • Tech-savvy users may try to get around your filters. Users with elevated privileges might also have permission to change their DNS settings or bypass filters.
  • No web filtering approach is immune to circumvention: both appliance-based and cloud DNS filtering services can be bypassed. Administrators can take preventative steps to limit users' access to forbidden websites. DNS requests can be limited to an approved DNS service, with requests to any other DNS server blocked. If you use an external DNS server, you should allow only port 53/UDP traffic to the IP addresses of your chosen DNS filtering service's servers.

If the organization has its own locally hosted internal DNS server, administrators should allow only port 53/UDP outbound requests from the internal DNS server's internal IP address to the external IP addresses of the primary and secondary DNS servers that your internal DNS server is configured to use. In other words, local computers query the local DNS server, and the DNS server queries the web filtering DNS service on the Internet.
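
One way to check that the egress rule described above is holding, as an added example that is not part of the original page: it audits firewall flow records for DNS traffic that leaves the network by any path other than internal DNS server to approved filtering resolver over 53/UDP. The log format, all addresses and all names are constructed for the example, and port 853 (DNS over TLS) is included as an addition beyond the page's port 53 rule.

```python
import ipaddress

# All addresses below are constructed for the example.
INTERNAL_NET = ipaddress.ip_network("10.20.0.0/16")
INTERNAL_DNS = ipaddress.ip_address("10.20.0.53")
APPROVED_RESOLVERS = {ipaddress.ip_address("198.51.100.1"),
                      ipaddress.ip_address("198.51.100.2")}
DNS_PORTS = {53, 853}  # 853 (DNS over TLS) is an addition beyond the page's rule

# Constructed flow log: timestamp, source, destination, protocol, port, action
SAMPLE_LOG = """\
2024-05-01T09:00:01 10.20.4.17 10.20.0.53 udp 53 allow
2024-05-01T09:00:01 10.20.0.53 198.51.100.1 udp 53 allow
2024-05-01T09:02:44 10.20.4.31 203.0.113.8 udp 53 allow
2024-05-01T09:03:10 10.20.0.53 203.0.113.9 udp 53 allow
2024-05-01T09:05:29 10.20.4.31 203.0.113.8 tcp 853 allow
2024-05-01T09:06:02 10.20.4.40 203.0.113.8 udp 53 deny
2024-05-01T09:07:15 10.20.4.17 203.0.113.80 tcp 443 allow
"""


def classify(src, dst, proto, dport):
    """Return None if the flow fits the policy, else a short reason string."""
    if dport not in DNS_PORTS or dst in INTERNAL_NET:
        return None  # not DNS, or a client asking the local DNS server
    if src != INTERNAL_DNS:
        return "client bypassing internal DNS server"
    if dst not in APPROVED_RESOLVERS:
        return "internal DNS server using unapproved upstream"
    if (proto, dport) != ("udp", 53):
        return "unexpected DNS transport"
    return None


def audit(log_text):
    """Return (timestamp, src, dst, reason, action) for each policy violation."""
    findings = []
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 6:
            continue  # skip malformed lines
        ts, src, dst, proto, dport, action = fields
        reason = classify(ipaddress.ip_address(src), ipaddress.ip_address(dst),
                          proto, int(dport))
        if reason:
            findings.append((ts, src, dst, reason, action))
    return findings


def rule_gaps(log_text):
    """Violations the firewall let through, i.e. missing or misordered rules."""
    return [f for f in audit(log_text) if f[4] == "allow"]
```

Findings with action `deny` show bypass attempts the firewall already stopped; findings with action `allow` point to an egress rule that still needs tightening.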

Myth 4: "Configuring DNS Filtering is a lot of Staff Overhead."

Including DNS filtering in your security arsenal is a straightforward option. Most routers and firewalls will allow you to block port 53 DNS traffic. Administrators can effectively prevent access to risky sites and protect the corporate network by editing their internal MX records and making a single configuration change in one place.

DNS Filtering Truths

Technology isn’t the only part of the solution to website access. An acceptable internet usage policy is also required. People should be informed ahead of time what is and isn’t allowed and made aware of the consequences. They aren’t only risking their jobs but potentially putting every other employee and the business at risk. Secondly, the speed and performance of DNS servers can vary. Slow or poor domain resolution leads to slow and less reliable web browsing. Run speed tests on DNS servers to compare performance.

Get Started with TitanHQ's DNS Filtering Solution.

How DNS Filtering 

WebTitan Cloud is our DNS-based web filtering product that allows you to monitor, control, secure, and protect your business from online threats. It’s based in the cloud, it’s easy to use, and it is priced competitively. The two essential functions of the product are web security and web content control. A user types a URL into their browser; this request is sent to the WebTitan Cloud servers, and based on a pre-defined policy, the request is allowed or blocked. If the request is blocked, the user is presented with a block page that informs them why it was blocked. If the user is allowed, they are passed on to the requested URL.

Critical Benefits of DNS Filtering with WebTitan:

  • Block Malware & Malicious Sites: WebTitan Cloud blocks access to malware, ransomware, phishing attacks, viruses, malicious sites, spyware, etc. It eliminates malicious content at the source.
  • Control Internet Access: WebTitan Cloud allows you to control internet access in your organization at a granular level from an easy-to-use management console.
  • Simple Setup with Immediate Results: No software installation is required, and it can be set up and operational in minutes using out-of-the-box configurations.
  • Benefits of the Cloud: Deployed as a cloud-based service, this DNS-based solution requires a simple DNS redirect to the WebTitan servers. This facilitates scale and eliminates latency.

Key Features of DNS Filtering with WebTitan

  • URL Filtering: The system filters URLs into 53 predefined categories, such as social media, news, pornography, gambling, and work-related content. It contains over 500 million website addresses in 200 languages, each sorted into a predefined category.
  • Cloud Keys: A bypass code that can be entered on the block page allows users to bypass it and proceed to the requested website.
  • On-the-Go Agents: A Windows-based agent that, when installed on a laptop, ensures the user continues to use the WebTitan Cloud policy outside the office environment.
  • DNS Proxy: A small locally installed virtual machine that integrates with Active Directory and allows per-user reporting of internet activity and events.
  • Extensive Web Filtering API: Remote management and monitoring via API.
  • Flexible Policies: Different considerations and policies for different environments. Easily create and manage your policy to protect users, including allowlists and blocklists of URLs and domains.
  • Support: TitanHQ, the developer of WebTitan, is highly rated for top-notch customer service and support both before and after installation.
  • Reporting: Access to over 50 predefined reports on user or group activity. These reports can be scheduled or exported in multiple formats.
  • Multi-Tenanted Platform: Create new accounts quickly and manage any number of locations, which is perfect for managed service providers responsible for numerous clients.
  • Scalable & Fast: Set up in minutes and managed from an intuitive web-based interface. The solution can handle any volume of usage with no latency, preserving performance.

The Benefits of using a DNS Filtering service are:

  • Improves security by blocking access to malicious and risky websites
  • Prevent malware downloads from malicious or hacked websites
  • Keeps your defense current with targeted threat analysis and zero-day updates to protect your customers as threats arise.
  • Use policy-based controls to manage access with highly granular blocking and filtering
  • Prevent users from accessing material that could hinder productivity or cause offense.

WebTitan DNS Filter

WebTitan Cloud provides feature-rich functionality, allowing you to protect users from malware, phishing, and DNS viruses and enforce internet usage policies without the need for on-premises hardware or software. WebTitan Cloud offers cloud-based DNS filtering to bring powerful enterprise filtering to all your users, regardless of their location, including remote employees. WebTitan Cloud eliminates browser latency while delivering secure and comprehensive web security to all off-premises users.

Anti Malware Protection

WebTitan Cloud includes several categories of malware protection, such as blocking access to compromised websites, spam-based websites, spyware, ransomware, trojans, rootkits, and other malicious content.

URL Filtering

WebTitan Cloud offers URL filtering of up to 53 predefined categories, including millions of URLs. This works in conjunction with a cloud-based lookup and real-time classification system to provide an unmatched combination of coverage, accuracy, and flexibility.

The Three-Tier Mechanism for Filtering Internet Content at the DNS Level

WebTitan Cloud uses a three-tier mechanism for filtering Internet content. The three tiers work together to maximize the company's defenses and prevent users from accessing material that could hinder productivity or cause offense.

  • Tier 1 - SURBL & URIBL filters
  • Tier 2 - Category filters
  • Tier 3 - Keyword filters

WebTitan has several other game-changing features, including:

  • Best-in-class malicious URL detection
  • Real-time filtering
  • Instant categorization
  • Infinitely scalable
  • Flexible Policies
  • Access Control
  • Extensive Web Filtering API
  • Malware & Phishing Protection
  • We detect up to 60,000 malicious sites EVERY DAY
  • Immediate live updates
  • Zero-day updates to protect your customers as threats arise.
  • No bandwidth limits and no latency issues
  • Different environments have different considerations, so you need to have flexible policies. There are ALWAYS exceptions, so a rigid approach for a wide range of customers will just not work.
  • Single email address login access to a specific policy configuration
  • Remote management and monitoring via API
  • WebTitan will block access to malicious, hacked, or inappropriate websites. SSL supported.

WebTitan provides advanced threat protection from malware, malicious sites, phishing sites, C2 callbacks, ransomware, botnets, spyware, and viruses. 

DNS Filtering News and DNS Filtering Resources

  1. A Guide to DNS Filtering: How does DNS filtering work? DNS filtering is designed to combat malware, spam, child pornography, and other dangerous sites on the web. DNS is both an interpreter and a roadmap for the Internet. 
  2. DNS Filtering Solution: WebTitan is an advanced DNS filter that provides protection from HTTP and HTTPS security threats and advanced DNS filtering control to businesses, MSPs, and schools globally.
  3. DNS Filters Versus Firewalls: 48% of IT professionals listed their perimeter firewall/UTM appliance as their chosen web filter solution for their respective guest Wi-Fi environments.
  4. DNS Filtering Solution for MSPs: Managed service providers may be put off offering web filtering to clients because they mistakenly believe there is little profit to be gained, but this is untrue. A DNS filtering solution for MSPs requires no additional hardware, no software downloads, and no visits by service staff to install the solution.
  5. DNS Filter Software: There are many different types of DNS Internet filtering software on the market, but in order to be fully effective, DNS web filtering software must have SSL inspection. Secure Sockets Layer (SSL) encryption was developed to prevent online transactions from being intercepted and tampered with. Most often associated with online financial transactions, SSL encryption is now used in many different online applications.
  6. DNS Filtering Comparison - Webtitan versus WebRoot: At a glance, the products are similar in that both are DNS filtering solutions, but this is where the similarity ends. WebTitan Cloud has many additional security features that make this comparison one-sided.
  7. DNS Filtering as part of the Security Stack: Being in the managed services business means you are in the cybersecurity business. Both are deeply intertwined. Nothing is more important than protecting your customers' users, devices, files, and infrastructure from malicious attacks.
  8. MSP Customer Success Stories: Discover what Active IT Systems has to say about offering their customers WebTitan DNS filtering and the complete TitanHQ solution suite.
  9. DNS Filtering Cisco: In the last 36 months, many OpenDNS Cisco Umbrella customers have switched to WebTitan Web Filter. This free guide examines some of the key differences between these two solutions.

Get Started with WebTitan DNS Filtering

Learn more about how WebTitan works and how it can protect your business against malware, phishing, viruses, ransomware, and links to malicious websites. 

Talk to our Team today

Frequently Asked Questions (FAQs)

How Does DNS filtering Work?

Because all DNS requests are resolved from the DNS filtering vendor first, a lookup is performed on the requested domain, and based on corporate configurations and user permissions, it is returned or blocked.

What’s the Best DNS filter Agent?

WebTitan is a multi-award-winning DNS filtering agent used by over 2,500 MSPs worldwide. It’s rated as the #1 DNS filtering agent on independent review sites Capterra and G2 Crowd. WebTitan monitors and identifies malicious threats in real-time with unmatched speed, scale, and accuracy.

What is the Difference Between DNS filtering and URL Filtering?

DNS queries work with domain names and translate domain names to IP addresses. A DNS filter identifies malicious domains and blocks them based on organization preferences. The entire domain and all its URLs are blocked. URLs are a part of a domain, but not every URL on a domain could be malicious. For example, a hacked website could unknowingly host malicious URLs. URL filtering blocks specific URLs on a domain.