What is DNS Blocking?

The best way to answer the question What is DNS blocking is by first explaining the Domain Name System – the method used to assign IP addresses to websites so browsers can find websites quicker. This system was developed even before the Internet existed – during the early days of the ARPANET network – so that computers on the network could be located by a number rather than a username.

web protection

As the Internet evolved, so did the Domain Name System. It now acts as the Internet´s telephone directory – connecting devices across the globe via numeric IP addresses must faster than if servers had to locate domains using alphanumeric characters. This not only has benefits in terms of connecting users to legitimate websites quickly, but also in preventing them from visiting malicious websites.

So, What is DNS Blocking?

When an Internet user enters a domain name into a browser (i.e. www.webtitan.com) or clicks on a link to visit a website, the Domain Name Server uses a look-up service to find the IP address assigned to the website. Before the Internet user is connected to the website, the IP address is checked against one or more databases of domains known to be unsafe.

How DNS Filtering WorksIf the requested website´s IP address matches that of an unsafe domain, the user´s access to the website is blocked. Depending on the type(s) of database used, it could be because the target website harbors malware (adware, spyware, ransomware, etc.) or because links to the website have been reported in spam emails, and the website is a likely candidate for a phishing website.

The primary advantage DNS blocking has over any other type of Internet filtering is that it is fast. Internet users are rarely aware their browsing experience is being controlled unless they attempt to visit a malicious website and their access is blocked. A secondary advantage is that DNS blocking prevents users accessing sub-domains sharing the same IP address that might not be blocked by name alone.

Installing an Internet Filter with DNS Blocking

The most popular way to install an Internet filter with DNS blocking is to not physically install anything at all, but rather subscribe to a cloud-based Internet filtering service. The reason for this is because cloud-based services are more scalable and flexible than hardware or software solutions, and because they work by redirecting the IP address of the Domain Name Server.

Thereafter, the cloud service provider is responsible for software updates and ensuring the databases being used to block IP addresses are up to date. If you are using the Internet filter to protect a large network of users, the DNS blocking service can be integrated with backend management tools to apply Acceptable User Policies with the click of a mouse.

Smaller organizations will be able to take advantage of the web-based administration portal in order to create and apply web browsing policies with wide-ranging granularity. Policies can be applied by individual user, user-group, and universally; or by time, bandwidth, or keyword. It is also possible to create a branded block page that informs users why access to the requested website has been blocked.

WebTitan´s Cloud-Based Internet Filter

The WebTitan cloud-based Internet filter is an ideal DNS blocking solution for organizations of all sizes. In addition to offering best-in-class protection against malware and ransomware, our DNS-based web filter also prevent users from visiting phishing websites and non-work related websites that could hinder their productivity or result in workplace HR issues.

Both our WebTitan Cloud and WebTitan Cloud for Wi-Fi filters include a comprehensive reporting suite in order that system administrators can review web activity and identify attempts to circumnavigate the filter´s settings. Administrators can create time-limited Cloud Keys that override the filter´s settings, or create longer-term policy exceptions via the user-friendly portal.

If you would like to experience these levels of protection and versatility, we invite you to get in touch and request a free trial of the WebTitan service most appropriate for your needs. The trial gives you the opportunity to find the optimum settings for your specific requirements, so that if you ultimately decide to permanently use your WebTitan filter for DNS blocking, no further configuration will be necessary.