Skip to content
TitanHQ

How DNS Filtering Can Work with Your Network Topology

Posted by Geraldine Hunt on Mon, Dec 17th, 2018

Finding the right content filtering solution takes research, skill and the ability to find an application that works well with your current infrastructure. Traditionally, content filtering solutions caused network performance issues, too many false positives, and false negatives. With DNS-based solutions, corporations can eliminate much of the limitations and disadvantages of content filtering applications and provide a safer network environment that does not interfere with normal daily employee activity.

The Importance of Content Filtering

When the Internet was first introduced, most businesses had no ability to support Internet connectivity. The Internet and its advantages were seen as a luxury for most businesses. As the popularity of the Internet continued to expand, businesses adopted some of its advantages such as email. Businesses had email as a way to communicate with customers and vendors, but they didn’t offer much more than simple communications.

The Internet continued to expand and offer resources and information for all industries, and because of these advantages, the Internet became a place where employees could find information. It also because of a venue for businesses to sell product and services and provide customers with information. For employees to use these advantages, they needed a way to access the Internet. The solution was for network administrators to provide access to the Internet and to give employees unfettered ability to browse the Internet at will.

While providing employees with access to the Internet has several advantages, it also has its disadvantages. Employees are able to browse inappropriate content, but worst of all they are able to browse malicious sites. Cybersecurity should be the main concern for businesses that need to protect their internal network from a data breach.

Cybersecurity attackers use phishing as a primary means for an attack. Using phishing attacks, an attacker can steal sensitive data such as employee credentials. With these credentials, an attacker can then log into the internal network and steal data without any notification or alerts that tell the network administrators an intruder could be active on the network.

These disadvantages have left administrators with the difficult decision to find a solution to protect the network and the business reputation. A data breach can cost an organization millions in reparations, lawsuits, and fees. It’s a costly risk should an organization ignore the importance of content filtering for cybersecurity.

Implementing DNS-Based Filtering

Past content filtering solutions were cumbersome and didn’t work well with infrastructure, but DNS-based solutions work seamlessly with current solutions. Because DNS-based solutions work with global DNS systems, it easily works with current network infrastructure. DNS is a part of any Internet-capable network system, so DNS-based cybersecurity is efficient and convenient for network administrators.

With DNS-based filtering, a user first enters a URL in a browser. The browser performs a lookup on the domain by querying a DNS server for the IP that matches with the registered domain. This IP address is then used to contact the site server and return content to the user’s browser. The DNS lookup is still performed, but the IP address is cross-referenced with a blacklist of IP addresses blocked by the network administrator. If the IP address matches with an IP on the blacklist, the user’s browser is blocked and a custom page is sent back to the user saying that the content is prohibited. For egregious issues, the network administrator can be alerted so that future attempts to contact malicious URLs can be more seriously observed.

DNS-based filtering offers a way to seamlessly integrate with current infrastructure. Network administrators can block IP addresses, rendering attacks based on URLs, domains and phishing emails useless. An attacker can’t use any domain linked to the same IP, so they are forced to switch to a new domain or find a different style of attack. No number of different pages or page names can avoid a DNS-based filter, because the same IP is returned for the same domain.

Network administrators have a difficult responsibility of finding the best way to protect network users from malicious attacks, and this protection includes defending against phishing attacks. Phishing attacks are some of the most difficult ones to stop. These administrators rely on user educations, but it isn’t a perfect solution.

Using DNS-based filtering, administrators can block most of the malicious attacks that rely on DNS lookups. Any attack where a user clicks a link or accesses content using DNS is protected using this solution. For this reason, DNS-based filtering is the best way to protect a network using content filtering solutions.

Related Articles

Never Miss a Blog Post

Sign-up for email updates...

Get Your 14 Day Free Trial
TitanHQ

Talk to Our Email and DNS Security Team

Call us on US +1 813 304 2544

Contact Us