DNS FIREWALL THREAT PROTECTION
One of the common ways cybercriminals gain a foothold in the corporate network is by sending phishing or malware infected email. If users click on malicious links within phishing emails and download malware or ransomware it allows cybercriminals to:
- steal business data and intellectual property.
- alter or encrypt data for financial gain.
- install spyware; or add computers to botnets.
- compromise the entire corporate network.
DNS Resolvers are critical point for which all devices in your network must interact to communicate to the outside world. It is a logical choice to put security measures to check if a domain is “clean” or “dirty”.
DNS Firewall with RPZ (Response Policy Zones) has the ability to block resolution of known malicious domains at the DNS Resolver lookup fort he entire network. Similar in concept to blocklist but designed specifically for DNS lookups with far greater coverage.
What DNS Firewall Feeds are
The following DNS Firewall Threat Feeds, are available
- Composite zones
Includes malware, phishing and botnet feeds in one zone.
- Individual zones
Types of abuse feeds split by category:
- Spam / Abuse
How do I deploy RPZ?
RPZ is native in several of the industry’s leading DNS platforms, including:
- BIND V9 (or greater)
- Power DNS
Numerous appliance vendors have enabled RPZ as well, including:
- Efficient IP