DNS blocking is a method used by commercial Internet filters to prevent Internet users visiting malicious websites. It works by comparing IP addresses against those assigned to websites known to be harboring web-borne threats – such as malware and ransomware – and stops devices connecting with them when a match is found.
Because DNS blocking is based on comparisons between IP addresses, rather than between alphanumeric domain names, the process is quick – in most cases imperceptible. Therefore, organizations using an Internet filter with DNS blocking to control access to online content do not have to compromise efficiency for security.
The Secondary Advantage of DNS Blocking
The secondary advantage of DNS blocking is that comparisons against Acceptable Use Policies are equally as quick – enabling system administrators to apply as many policies as necessary without creating latency within the filtering process. Because of this, organizations using an Internet filter with DNS blocking have the option of applying a wide-range of granular policies. For example:
- Companies can prevent everybody except marketing personnel accessing social media platforms, and create an exception for lunch breaks.
- Retail businesses and hotels can implement a watershed for adult content in order to create a family-friendly environment during the day.
- School districts can apply policies that control access to online content by grade or by subject, with specific teachers given authority to override policies.
Both the primary and secondary advantages of DNS blocking create a better user experience. As well as organizations being protected against malware and ransomware, individual users are protected against phishing and spyware. Productivity is improved; and company employees, hotel guests, and school children are protected against being exposed to inappropriate content.
Setting Up an Internet Filter with DNS Blocking
The quickest and easiest way to set up an Internet filter with DNS blocking is to subscribe to a cloud-based service and redirect your Domain Name Server to the service provider´s IP address. This is far simpler than installing hardware or software, and it also has the advantage of minimizing your maintenance overhead, as keeping the filter´s software up-to-date is service provider´s responsibility.
A further advantage a cloud-based service is that it is infinitely scalable. You can increase the number of users and devices being protected as your company grows, as your retail business becomes more popular, or your school district expands. Conversely, you can reduce the number of protected users and devices if necessary, and avoid the scenario in which you are paying for capacity you are not using.
Cloud-based Internet filters with DNS blocking are also easy to manage. System administrators can log into their service from any Internet-connected device, and apply or adjust policies for any user(s) within their network. It is also possible to grant temporary exemptions to filtering policies through the use of Cloud Keys, or delegate a limited amount of administrative responsibility via role-based access controls.
Try an Internet Filter with DNS Blocking for Free
If you have a responsibility for online security, and you are interested in how DNS blocking can benefit your organization, do not hesitate to get in touch and speak with one of our Sales Technicians. Our Sales technicians will be happy to discuss your existing security mechanisms and answer any questions you have, and will invite you to try a WebTitan Cloud Internet filter with DNS blocking free of charge.
Our free trial gives you the opportunity to evaluate WebTitan Cloud in your own environment, try different filter settings, and review the outcomes via WebTitan Cloud´s extensive reporting suite. Not only will you be better protecting your online environment against web-borne threats, but you will also be providing your users with a better browsing experience. Contact us today, and you could be starting your free trial of WebTitan Cloud within fifteen minutes.
Do I have to know the IP addresses of websites I want to block before utilizing DNS blocking?
No. To overcome this potential issue, you can block websites by category or by keyword. WebTitan´s DNS blocking solution is preconfigured with fifty-three filtering categories, plus the opportunity exists to create up to eight customizable categories or fine-tune the preconfigured categories by whitelisting or blacklisting specific keywords.
Is it possible to circumnavigate a category filter using a VPN?
One of the most important categories on the list is the anonymizer category, which prevents users taking advantage of website anonymizers, VPNs, and proxy servers in order to circumnavigate other category filters. It is also possible to block the use of USB portable browsers to prevent category filters being circumnavigated and eliminate the risk of malware being imported from infected USB drives.
Can I prevent customers using my business´s Wi-Fi to visit competitor’s websites?
If customers are using your business´s Wi-Fi network to connect to the Internet, you can prevent them from visiting competitor´s websites by blacklisting your competitor´s website by keyword. If, however, they are connecting to the Internet via their mobile carrier´s data plan, DNS blocking your competitor´s website will not be effective.
How do you know if the filter is blocking the websites you want it to block?
WebTitan´s DNS blocking filter compiles logs of user activity which are then used in a suite of management reports. From these reports, system administrators can determine which sites are being blocked, why access to them was blocked (i.e. threat, category policy, keyword policy, etc.), and who was trying to access the blocked website.
How much does the WebTitan Cloud Internet filter with DNS blocking cost after the free trial?
The cost of the WebTitan Cloud Internet filter depends on how many users or devices you want to protect against web-borne threats and your preferred payment option. The payment options are available on our cost calculator page; or, if you would like a customized quote for your organization, do not hesitate to contact us.