The term DNS filtering is rarely used when discussing Internet security, but it is one of the key mechanisms used by Internet filters to prevent users from visiting websites harboring malware and ransomware. This article explains what DNS filtering is, and invites businesses not already using this Internet security mechanism to try DNS filtering for free.
A Basic Introduction to the Domain Name System (DNS)
The Domain Name System evolved from the early days of the ARPANET system, when a text file was maintained mapping usernames to the numerical addresses of computers connected to the system. As the ARPANET system grew, manually maintaining a text file of users and numerical addresses became too labor-intensive, and an automated naming system was developed.
The new Domain Name System automatically translated usernames into numerical Internet Protocol (IP) addresses in order to make it easier for users, computer services, and devices to find each other on the expanding network. Eventually the Domain Name System became the world's directory service, and is now an essential component for the functionality of the Internet.
How the Domain Name System Works
When a domain name (for example www.webtitan.com) is purchased from a domain registrar, it is assigned a unique static IP address. Then, when an Internet user enters the domain name into their browser bar, a request to access the website is sent to the “recursive resolver” – basically a lookup service usually hosted by the user's Internet Service Provider.
The recursive resolver first talks to a Root Server – which holds the IP information about the top level domain (i.e. “.com”) – and then to the relevant Top Level Domain server, which directs the recursive resolver to the domain name's server (the server hosting the website) from which it gets the IP address assigned to www.webtitan.com.
Now that the recursive resolver knows the IP address for www.webtitan.com, it tells the browser what it is, so the browser can send a request to the website to access its content. The process takes a tenth of a second, and – although it is possible to access a website by entering its static IP address – it is a lot more convenient for Internet users to enter domain names than to maintain their own directory of IP addresses.
So, What is DNS Filtering?
While it is easier for Internet users to remember domain names than IP addresses, it is a lot more efficient for Internet filters to check requests to visit websites by IP address than by domain name. Consequently, the databases used to check whether or not a request to visit a website complies with web browsing policies are maintained in IP address format.
The actual DNS filtering part of the operation occurs when a browser has sent a request to access the content of a website and the website replies. At this point the Internet filter compares the website's IP address against its database(s) and configuration to ensure the user is allowed to access the website. If not, a message is displayed on the screen of the user's device explaining why.
How Does the Filter Know Which IP Addresses to Block?
That depends on how the filter has been configured. By default, most DNS filtering services provide a level of protection against malware, while more advanced DNS filtering services also block phishing websites and vulnerable websites that have been exploited to harbor viruses, spyware, adware, browser hijacking software, and ransomware.
Beyond that level, businesses can decide for themselves if they want further categories of website content blocked (pornography, gambling, etc.) and/or specific websites (Netflix, Facebook, etc.). In most cases the choice exists to block categories and/or websites by individual user, user group, or universally so that – for example – the marketing department is still able to access its social media pages.
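The decision described above can be sketched as a small policy evaluator. This is an added example, not WebTitan's code: the addresses are constructed from documentation ranges, and the category names, group names, the allow-by-default handling of uncategorized addresses, and the rule that security categories cannot be lifted by a group exception are all assumptions.

```python
import ipaddress

# Constructed sample database keyed by IP range (RFC 5737 documentation addresses).
CATEGORY_DB = {
    ipaddress.ip_network("192.0.2.0/28"): "malware",
    ipaddress.ip_network("198.51.100.0/24"): "social-media",
    ipaddress.ip_network("198.51.100.99/32"): "phishing",   # overlaps the /24 above
    ipaddress.ip_network("203.0.113.10/32"): "gambling",
    ipaddress.ip_network("203.0.113.20/32"): "streaming",
}
# Assumption: security categories are blocked for everyone, with no exceptions.
ALWAYS_BLOCKED = {"malware", "phishing", "ransomware"}
# Hypothetical business policy: universal blocks plus per-group adjustments.
UNIVERSAL_BLOCK = {"gambling", "social-media"}
GROUP_ALLOW = {"marketing": {"social-media"}}
GROUP_BLOCK = {"students": {"streaming"}}


def categorize(ip):
    """Return the category of the most specific matching range, or None."""
    addr = ipaddress.ip_address(ip)          # raises ValueError on bad input
    matches = [net for net in CATEGORY_DB if addr in net]
    if not matches:
        return None
    return CATEGORY_DB[max(matches, key=lambda net: net.prefixlen)]


def decide(ip, group=None):
    """Return (allowed, reason) for a request to `ip` from a user in `group`."""
    try:
        category = categorize(ip)
    except ValueError:
        return False, "invalid address"      # fail closed on unparseable input
    if category is None:
        return True, "uncategorized"         # assumption: unknown addresses pass
    if category in ALWAYS_BLOCKED:
        return False, f"blocked: {category} (security default)"
    blocked = UNIVERSAL_BLOCK | GROUP_BLOCK.get(group, set())
    blocked -= GROUP_ALLOW.get(group, set())  # group exceptions lift policy blocks only
    if category in blocked:
        return False, f"blocked: {category} (policy)"
    return True, f"allowed: {category}"
```

The reason string returned with each decision is what a block page would show the user.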
Cloud-Based DNS Filtering from WebTitan
Cloud-based DNS filtering is the most convenient way for businesses to protect their networks and their users from malware, ransomware, phishing, and online content that could be a barrier to productivity in the workplace. Cloud-based services are quick to implement – requiring a simple redirection of the Domain Name Server – and easy to manage via a web-based administrative portal.
WebTitan's cloud-based DNS filtering service is WebTitan Cloud – a versatile and universally scalable DNS filter that is suitable for businesses of all sizes, educational institutions, and public Wi-Fi providers who want to give customers a secure browsing experience. WebTitan Cloud is extremely versatile and enables system administrators to apply web browsing policies by time, bandwidth, or application.
More than 7,500 users are currently protected from web-borne threats by WebTitan Cloud, and if you would like to know more about our DNS filtering service, do not hesitate to get in touch. Our team of Sales technicians will be happy to discuss your existing web security safeguards, and invite you to take a free trial of WebTitan Cloud so you can evaluate our DNS filtering service in your own environment.