DNS Firewall - a new layer of your security
sam.sargeant
The Internet is a powerful force for good, but also brings risks and threats.
Recent CERT NZ reporting shows these threats are serious and growing, affecting both New Zealanders and New Zealand businesses. In the third quarter of 2019, NZD$3.8 million of direct financial loss was reported, while phishing attacks represented 38% of all incidents reported to CERT NZ. CERT NZ's own commentary on phishing is worth repeating here:
Phishing may seem harmless, but it has a big impact on New Zealanders, the organisations they work for and businesses they run. It’s often a precursor to more serious attacks. Attackers use a variety of phishing techniques in an attempt to trick recipients into sharing their private information, make financial transactions, or to open malicious attachments or files.
InternetNZ has launched a new security product for businesses to reduce the likelihood of becoming a victim of online security attacks. Our product operates in a layer of technology called the Domain Name System (DNS) and is known as Defenz DNS Firewall.
The DNS is used by your computer and mobile devices to locate services on the Internet. Sometimes those services have malicious intent:
- phishing: their website looks legitimate, but it is trying to trick you into revealing your password, credit card number, or other personal information
- malware: software designed to cause harm may be delivered or controlled by a malicious website.
DNS firewall products sit between your users and these malicious Internet sites. By using a list of known-bad Internet addresses, a DNS firewall will prevent your users from visiting those websites that may cause a security problem. It can also provide them with a message to raise their own awareness.
A DNS firewall will also give you actionable alerts when something is blocked. If something is trying to communicate with a harmful Internet site, you can investigate in case there is a more serious compromise behind it.
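The blocking and alerting behaviour described above can be sketched in a few lines of Python. This is an added illustration, not Defenz code: the blocklist entries, the log format and the function names are all constructed for the example.

```python
import json

# Constructed blocklist: listed domain -> category (reserved .example names).
BLOCKLIST = {
    "login-bank.example": "phishing",
    "c2.badhost.example": "malware",
}

def lookup(qname):
    """Return (entry, category) if qname or any parent domain is listed."""
    labels = qname.rstrip(".").lower().split(".")
    for i in range(len(labels)):
        candidate = ".".join(labels[i:])
        if candidate in BLOCKLIST:
            return candidate, BLOCKLIST[candidate]
    return None, None

def process(log_line):
    """Parse 'timestamp client_ip qname qtype' and decide allow or block."""
    ts, client, qname, qtype = log_line.split()
    entry, category = lookup(qname)
    decision = {"time": ts, "client": client, "qname": qname, "qtype": qtype,
                "action": "block" if entry else "allow"}
    if entry:
        decision.update(matched=entry, category=category)
    return decision

def alerts(log_lines):
    """Blocked queries only: the events worth investigating."""
    return [d for d in map(process, log_lines) if d["action"] == "block"]

def by_client(log_lines):
    """Group blocked categories per client to show which device to look at."""
    grouped = {}
    for alert in alerts(log_lines):
        grouped.setdefault(alert["client"], []).append(alert["category"])
    return grouped

# Constructed sample query log (documentation IP range).
SAMPLE_LOG = [
    "2019-11-01T09:00:01Z 192.0.2.10 www.example.org. A",
    "2019-11-01T09:00:05Z 192.0.2.23 secure.Login-Bank.example. A",
    "2019-11-01T09:00:09Z 192.0.2.23 c2.badhost.example. TXT",
    "2019-11-01T09:00:12Z 192.0.2.41 badhost.example. A",
]

if __name__ == "__main__":
    for alert in alerts(SAMPLE_LOG):
        print(json.dumps(alert))
```

Matching is case-insensitive and covers subdomains of a listed name, but a parent of a listed name (`badhost.example` here) is still allowed. Grouping alerts by client shows that one device triggered both a phishing and a malware block, which is the kind of pattern worth investigating.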
Because a DNS firewall replicates the DNS infrastructure that is common to all Internet access, implementing one is often as simple as changing one or two addresses on your network.
There are serious risks that a DNS firewall does not mitigate. For example:
- insider threat or intentional actions
- attacks directed at vulnerabilities in your Internet-connected systems
- Denial of Service attacks
A DNS firewall is only one part of a layered approach to cybersecurity – no single solution will give you all the protection you need. However, because the DNS is a foundational layer of the Internet, implementation of a DNS firewall gets you significant protection for a comparatively small operating cost.