For internet service providers (ISPs), protection from malicious traffic requires a multifaceted approach. Discover how and why Mornington Communications has adopted Spamhaus’ IP and Domain reputation data across its infrastructure via our commercial partner, SecurityZones - to protect its users, the network and ultimately, the business.

   

Meet Mornington Communications

Mornington are a community-focused Canadian co-operative telecommunications company. Over the past 100 years, they have provided telecommunications services, becoming an Internet Service Provider in the mid-1990s. Now they offer everything from mobile to TV to home security.

Today, with over 5,000 customers on the network, security threats are an ongoing battle. Network Manager, Dave Godglick, knows all too well. Led by a small but mighty network team, they ‘get’ the importance of proactive protection at every level of the infrastructure. We caught up with Dave to find out how Spamhaus’ data is helping Mornington to protect their customers and keep their network clean.

It started with a blocklist

Having tested several datasets over the years, Mornington opted to implement Spamhaus DNSBLs. The real-time blocklists easily integrated into Mornington’s existing email infrastructure, protecting them from spam and other email-borne threats. Dave explains, ‘We tried many datasets and experienced many problems such as users being blocked and we couldn’t unblock them very easily or they wouldn’t time out quickly enough – however, not with Spamhaus. The datasets are great. They’re easy to deploy, accurate, and cleaned up quickly.’ As an early adopter of Spamhaus blocklists, it was simply a natural progression for Mornington to enhance customer protection with additional layers of reputation data.

Phishing problems

With many customers falling foul of phishing and clickbait, DNS Firewall was an obvious next step for Mornington. At the DNS level, DNS Firewall Threat Feeds provide automatic protection against malicious traffic, phishing sites, and malware downloads. For Mornington, the phishing, malware and botnet feeds specifically were a no-brainer.

Utilizing the response policy zones (RPZs) has allowed Mornington to help protect those customers that do not know how to defend themselves. One of the biggest successes was for Mornington’s Support Services, with the number of incoming customer calls significantly dropping within days of deploying DNS Firewall. In Dave’s words, “Bringing on DNS Firewall led to huge improvements, particularly correcting most of our phishing issues.”

However, with the surge in IoT devices preconfigured with their own DNS settings and clients wishing to bypass the name servers, Mornington was again left with some vulnerabilities to botnets.

Protection at the network edge

The timing was perfect. Spamhaus already had a solution to protect customers right at the edge of the network, including the Botnet C&C and Drop lists – Border Gateway Protocol Firewall. A cost-effective, automatic network edge solution that drops communication with the worst of the worst, including botnet command and control servers.

For a small team, set-and-forget methods that provide automatic protection from malicious traffic are like gold – especially when they are easy to implement. For Mornington, configuration was straightforward. The edge routers are configured for eBGP with Spamhaus BGP feed (BGPf), then using iBGP the routes are shared internally. And the impact appeared to be instantaneous, leading to almost zero reports of viruses! Dave shares, “With the botnet C&C listings on BGP Firewall, and the botnet C&Cs on the DNS Firewall utilizing similar data, it’s like two extra layers of protection.“

In it together

For ISPs like Mornington, botnets and malware have long been a serious problem, with any malicious outbreak reflecting poorly on the business. When a customer becomes infected, the whole network is at risk – including Mornington. Yet, rather than blaming the customer who failed to protect themselves, Mornington takes a pragmatic approach, Dave shares, ‘To protect a customer is to protect the entire network, including ourselves. The mission is to find proactive ways of protecting people from themselves!’.

Mornington, we LOVE this approach – keep up the great work!

Related products

Data Query Service (DQS)

Spamhaus’ Data Query Service (DQS) is an affordable and effective solution to protect your email infrastructure and users.

Using your existing email protection solution, you will be able to block spam and other related threats including malware, ransomware, and phishing emails.

The service has never failed and utilizes the longest established DNSBLs in the industry.

  • Proactive & preventative
  • Save on email infrastructure & management costs
  • Actionable

Border Gateway Protocol Firewall

Border Gateway Protocol (BGP) Firewall provides your users and network with up-to-date protection against botnets and other external attacks.

Set up takes minutes; our data is constantly updated in real time by our experienced researchers on your behalf and can be utilized in your existing firewalls or routers.

  • Prevent data exfiltration
  • Protect your network from botnets
  • Reduce infected machines on your network

DNS Firewall Threat Feeds

Applied at the DNS level of your infrastructure, these threat feeds automatically stop users from accessing malicious sites including phishing and malware dropper websites.

These threat feeds can be integrated with existing recursive DNS servers, or for those who don’t manage their own DNS, we have a managed service available.

  • Reduce IT costs
  • Set and forget
  • Save money on risk insurance

Resources

What is Border Gateway Protocol (BGP) Firewall? A beginner’s guide

7 December 2022

Blog

Border Gateway Protocol Firewall (BGPF) is an effective and low-cost way to drop traffic to and from the worst of the worst IP addresses. Discover how it works and why it's invaluable to protect your network.

Egress prevent business email compromise with Spamhaus’ Data Query Service

8 March 2022

Case Study

Global email and data security company, Egress uses Spamhaus’ Data Query Service to provide users with simple intelligence about malicious actors.

10 questions to ask a potential DNS Firewall provider

11 September 2018

Blog

With such a huge growth in the DNS Firewall market over the past few years there are plenty of options to choose from. Read our Top 10 questions for your next DNS Firewall provider.