What is DNS filtering?

NordVPN DNS
(Image credit: NordVPN)

Despite the fast-paced progress of technology today, the internet remains a disturbingly dangerous place. All the time, we hear about websites becoming unavailable due to denial of service (DoS) attacks or displaying damaging information on their pages. Data breaches are becoming more and more common, and some of the recent ones have been the largest in history, threatening to break a new record every year. With millions of passwords, e-mail addresses, and credit card details leaked into the public sphere, site users are left without the right to privacy and put at serious financial risk.

However, in this constant battle for cybersecurity humanity is still far from being helpless. While the internet will always be a breeding ground for malicious attacks and cyber threats, you can stay on the safe side by keeping your software and systems up-to-date, backing up your data, installing a firewall, controlling access to your systems, and blocking access to potentially dangerous sites.

The domain name system (DNS) filtering is one of the most common methods both individuals and businesses are using to safeguard their environments from cyber threats, so let’s learn a bit more about it.

Share your thoughts on Cybersecurity and get a free copy of the Hacker's Manual 2022
TechRadar needs you!

Share your thoughts on Cybersecurity and get a free copy of the Hacker's Manual 2022. Help us find how businesses are preparing for the post-Covid world and the implications of these activities on their cybersecurity plans. Enter your email at the end of this survey to get the bookazine, worth $10.99/£10.99.

Perimeter 81 is one of TechRadar's choices for the best SWG providers

Perimeter 81 is one of TechRadar's choices for the best SWG providers

Protect your employees and network from web-based attacks with a Secure Web Gateway. Filter out malicious threats. Monitor all employee activity. Streamline compliance. Secure your entire workforce, whether on-prem or remote with Perimeter 81. Deploy in minutes. Start now.

What is DNS filtering and how does it work?

In simplest terms, DNS transforms domain names into IP addresses, which internet users utilize to enter websites. Therefore, as its title implies, DNS filtering is the practice of filtering specific sites for a particular purpose, often with their content as the main criteria.

If a site, its section, or a category of connected sites has been classified as a potential threat to the security of the company's system (or even a threat to the productivity of its staff), its IP address will be blocked by a DNS filter. The sort of content that’s usually blocked due to its association with malware is adult stuff, online gambling games, and illegal downloads, to name a few.

Every time you try to enter a site, a DNS filter will look up your IP address and, in a second, connect your browser to a web server to get the information you’re searching for. This is the moment when the magic of DNS filtering happens. If a site is suspected to be malicious, fraudulent, or otherwise deemed a threat by the network administrator, your browser will be blocked from connecting to web servers and passing on information you searched for.

In addition to this, a DNS filter maintains and continually updates a list of blacklisted sites which it blocks either via their domain names or via their IP address.‍

What are blacklisting and whitelisting?

Blacklisting and whitelisting are two methods of controlling access to specific sites, e-mail, software, and IP addresses. In terms of networking, a blacklist (also known as a blocklist) is a database of domains or IP addresses where access is off-limits.

Whitelisting is a method opposite to blacklisting yet it ultimately serves the same purpose. Instead of creating a compilation of unwanted domains or IP addresses, a whitelist compiles a list of those who are to be allowed access, that is, of trusted domains or IP addresses only.

While a whitelisting automatically denies access to all resources with an exception of those that the network administrator has deemed trustworthy, blacklisting allows access to all sites under the condition that they’re in line with the company’s security policies.

What is DNS filtering used for?

Are you thinking about adding DNS protection to your current security solutions and taking another step towards the zero-trust policy? If the answer is yes, here are a few main benefits of utilizing a DNS filtering solution.

1. Blocking malware-infected sites

DNS filtering can serve as the first line of defense against malware infections while giving all other security systems a needed break. If an inside user is misled or redirected to a malicious site, malware could get onto their device from there and continue to spread like a wildfire across the company’s infrastructure if left unrestrained. Then, it’s just a matter of time before it cripples or completely paralyzes your business activities.

By adopting DNS filtering, you won’t only prevent data breaches, but also lighten the workload of your firewall and other security solutions that are working around the clock to keep you safe.

2. Fending off the phishers

Phishing attacks come in many shapes and sizes and they’re becoming more and more sophisticated. They are often unmistakably mirroring the site under the attack which allows the attacker to keep a close watch on the victim and bypass any security control at the same time. Since this is considered to be the most common sort of attack carried out by cybercriminals, it’s crucial to make sure your business is safeguarded from phishers.

Fortunately, DNS security can stop phishing attacks in their very inception by blocking access to sites exploited in phishing attacks. Since links to most of these sites are shared in text, once DNS gets to work, phishing sites will be blocked and all attempted clicks will be in vain.

3. Safeguarding your systems from ransomware attacks

Adding DNS filtering to your security solution is one of the surest ways to keep them safe from ransomware attacks. Much like with phishing attacks, the best way of dealing with ransomware attacks is to avoid them altogether, and the DNS filtering solution does that by using a now well-known method.

Thanks to DNS filtering, companies won’t be blackmailed to choose between two evils - paying the ransom or rebuilding their IT environment from scratch.

4. Promoting productivity in your work environment

This use of DNS filtering has less to do with security and more with ensuring your employees are kept on their tasks in a productive manner. With an increasing number of employees working from all the comforts of their homes, not getting distracted from work turned out to be a major challenge. 

So, while protecting your network from cyber threats, DNS filtering can also make sure that employees are engrossed in their work and free from time-wasting sites.

5. Shedding light on the inner workings of your network

A DNS filter can help you keep tabs on what’s happening on your network such as uncovering shadow IT applications and discovering how users are spending their time online. With the ability to keep an eye on each and every user, you can easily track any attempted visits to blacklisted sites or figure out what sites should be blacklisted next.

Should you start with DNS filtering straight away?

If you want to bulletproof your business and protect it from all sorts of cybercriminals, hateful hackers, and malicious software, DNS filtering will fit the bill. And if your employees are easily distracted from their work, a DNS filter can also help them to stay focused on it.

So, the short answer is yes, you probably should start with DNS filtering.

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.