Domain Name System (DNS) is an addressing system used by the internet through which domain names are located and translated into internet protocol (IP) addresses. When a user attempts to access a website through an internet browser, a DNS query is performed. The DNS server matches the request to the respective IP address of the domain and responds to the query by loading the requested web page on the user’s browser.
So what is DNS Filtering? It is a technique by which access to specific websites, web pages, or IP addresses, can be blocked or permitted. If a DNS filter is in place, the IP address being returned from the DNS server will be checked before it is permitted to load on the user’s browser. Therefore, DNS filtering ensures that the user is protected from online threats like viruses, malware, ransomware, and so on. DNS web filtering can also be used to block inappropriate websites and web pages that the user may be searching for, especially at the workplace.
The internet represents a revolutionary step forward in the way data is stored and accessed, and in the way business is done. Most enterprises make use of user-friendly websites or web applications which allow their users to interact and transact.
But allowing users to seamlessly interact with your server and database presents some problems too. Primary among them is that it is difficult to differentiate between genuine users and hackers.
This is where a Web Application Firewall (WAF) comes in. A WAF allows you to protect your servers from online attacks on the internet.
For instance, there may be several nodes or entry points into your network, which security threats from the internet can penetrate. A robust security solution should ensure that these individual layers or nodes stay uniformly protected. Even if one of the layers is compromised, the impact of the breach could be severe. But micromanaging the security of every node in your network is time-consuming and invariably increases the latency of system operations.
A Web Application Firewall (WAF) can help you ensure the security of your network by monitoring and controlling all the HTTP conversations that your systems have with the internet.
What is a WAF and how does it work?
A Web Application Firewall comprises a set of instructions or protocols which have to be adhered to when using web-based applications. It protects your network and servers from websites whose scripts could be infected with malicious code intended to breach your security and access your data.
While using web applications, your searches and actions are considered client requests. These requests are processed by proxy servers which are kept in place to protect the client system. The proxy server receives the correct response from remote servers and transmits the data back to you.
A WAF acts a reverse proxy which protects your servers from attacks. It is an intermediary layer between the client and server, which makes it seem like the response is forwarded by an actual proxy server.
Website Filtering using WAF
A robust WAF comes with advanced DNS filtering features which examine every request from your network and send back only relevant and secure results. In addition to providing a layer of security to your servers and filtering websites based on its security loops, an effective web filtering solution should also simply allow you to blacklist websites because they could be irrelevant to the work done by your employees. Unmoderated internet access can have serious repercussions in terms of productivity drain.
Akku from CloudNow Technologies is a comprehensive solution to all your website filtering needs. It is a cloud-based web filtering software which allows you to specify which domains need to be blocked, for any reason – especially security or productivity concerns.
Company X is a leading insurance company which provides laptops to all employees for their work, regardless of their grade in the organization’s hierarchy.
The company has deployed a gateway firewall, incorporated with a DNS filter to blacklist or whitelist access to certain websites. In this manner, users are denied access to malicious websites, and threats due to unauthorized website use is prevented while users are within the office network.
How DNS Filtering Works?
Whenever a user makes an internet search, a request is passed on to the network through an IP. However, when DNS filtering is implemented in an organization, the relevant web page is redirected to the firewall where the restrictions are verified. If it has been blacklisted, access to the webpage is blocked.
Loophole Causing Security Concern
When more and more users beginning to work from home or work while travelling using the laptops provided by the company, Company X began facing new security concerns.
Although the firewall’s DNS filter was effective when users were within the office network, the user’s laptops were outside of the firewall’s reach. This meant that users could access any site or download any software without any restrictions, exposing the company-owned devices (COD) at risk due to unauthorized websites. This, in turn, threatened to compromise both the devices and the data stored in them.
It also made the devices non-compliant to the Company Owned Device (COD) policy.
The DNS filtering rules set by the company no longer applied when users took their devices outside their network and firewall. Addressing this issue, CloudNow’s Identity and Access Management (IAM) solution was deployed. With its website filtering feature, maintaining DNS filter rules was made possible, even outside the firewall.
With Akku, requests made by users to access any website goes through its DNS filter, which checks for restrictions and blocks unauthorized web pages. Here, the router acts only as the connecting bridge to the internet. This makes it possible to maintain website blocking instructions for devices, disregarding where the users access them from through the internet.
Why is DNS Filtering Outside your Firewall is a Necessity?
It is a vital for all organizations to increase the security of their data by preventing access to malicious websites in CODs. Additionally, this feature ensures that all CODs comply with security standards and remain audit-ready.