Product Details

What threats does DNS Firewall protect users against?

DNS Firewall protects users from multiple threats. Not only does it stop them from accessing malware dropper sites or downloading ransomware, but it also prevents your users from unwittingly sharing confidential log-in information on compromised sites by blocking access to phishing domains.

What threats does DNS Firewall protect your network against?

It prevents cybercriminals from stealing data from your network. This is accomplished by blocking communications between external botnet command and controller (C2) servers and infected botnet nodes on your network.

Who can use DNS Firewall Threat Feeds?

To utilize these Threat Feeds, you’ll need to manage your own DNS infrastructure. This protective measure can be used with a variety of major DNS solutions, including BIND and PowerDNS. They can also be used with some DNS appliances, including Infoblox.

Pricing

Based on users, prices start from $5,000 US per annum.

Free access

To protect yourself from the most malicious threats, you can sign up and access our DROP threat feed for free. However, this is only available for users who manage their own DNS.

Diagram showing how Spamhaus DNS Firewall Threat Feeds work.

How do DNS Firewall Threat Feeds work?

Sometimes referred to as a Response Policy Zone (RPZ), DNS Firewall applies threat intelligence data sets to DNS resolver traffic. This prevents DNS requests from resolving to malicious IP addresses and domains.

  1. User clicks on a URL link and queries the local DNS resolver;
  2. The DNS resolver checks against the DNS Firewall Threat Feeds;
  3. If the domain, IP, or nameserver is listed in one of the data feeds, the resolution of that link is blocked/redirected. If it is not listed, the user can access the link destination.

For more information, read this blog post.