Filtering DNS

How FlashStart DNS technology is applied
to malware and content protection

GET PRICES

About Filtering with DNS

Here we explain DNS Filtering without diving too much into the technology,
it’s an introduction to help you make an informed decision about using DNS technology.
If you want to go deeper you can read more in our other briefs about our Url Filtering Technology,
Content Filtering and Malware Protection.

What is DNS?

DNS is short for Domain Name System and it solves a simple problem. If you want to visit a website, you need to know the name of that website and must enter it into the address bar of your browser. For example, www.mywebsite.com.

The problem is while that domain name is easy for humans to recognize, it means nothing to a computer. For a computer to find the website, an IP address is required. An IP address is a string of digits specific to a particular website that tells your computer where to find it. Domain names are for humans. IP addresses are for computers. DNS converts one to the other and basically serves as the phone book of the internet. You look up a name (website “domain name”) and the DNS server tells your computer the number (IP address) to allow that website to be found. That means you do not need to remember a string of digits to access a particular website.

When you type in a domain into your browser or click a link in a search engine or email, a connection will be made to a DNS server, the IP address will be found, and you will be directed to the website. Your DNS server will usually be provided by your internet service provider by default. Taking control of your DNS is where DNS filtering starts.

What and why Filtering DNS?

DNS filtering is the term given to blocking access to specific internet content to prevent it from being part of search results or downloaded content.

Filtering with DNS is a way to block access to specific web content. For example blocking access to websites known to host child pornography, or other content that is illegal to view or banned by your country.

Organisations may want to block access to other types of content that violate their own internet usage policies, such as adult content, social media networks, and websites known to host malware.

DNS filtering therefore protects users and their devices and network owners, assuring / enabling compliance with government regulations.

How Does Filtering DNS Work?

Traditionally, content control was achieved using a physical appliance. When a user attempts to visit a website, the appliance will download the content and decide whether the website can be accessed or if it should be blocked. DNS filtering is different. It works at the DNS lookup stage, before content is downloaded. The DNS filtering system looks at the requested website and compares it with a database that classifies the website according to content type. The DNS filter decides if you can view the content or not. We skipped an important detail here because your device needs to know where to find the DNS filtering service. This is usually done by one of two methods:

Router Based DNS

DNS settings in most routers can easily be adjusted to send all DNS to FlashStart Cloud. Here is a video showing the full set up in a MikroTik under 30 seconds.

End Point Protection

This refers to the intelligence residing in the device (end point). This is implemented as a tamper resistant application that downloads to the device and brings it under DNS filtering control anywhere!

FlashStart supports both of these deployment models

So now let’s return to the explanation about DNS filtering to highlight an important detail. The decision to block/allow the download is delayed  by the time it takes the device to send a DNS packet to the FlashStart cloud (or another vendor cloud). This delay is called “latency”

DNS filtering vendors write a lot about their latency and make comparisons between themselves. It’s like the acceleration performance of a car. However, to be able to reason about what latency is right for you then you need to understand a few important points.

Vendor’s Global Cloud

Every vendor has a global network of local connection to service your needs. It generally follows the rule that the nearer the access point, the lower the latency.  But read on…

Vendor “on premise” Cloud

The most recent trend is to deploy an on-premise Cloud (at FlashStart we call this a CloudBox). The idea is to optimise totally for your own needs, however, this is not a dedicated appliance but instead a very light application that runs on existing IT systems within the end user. It should permit a latency performance trending to under 5ms

FlashStart supports both of these deployment models.

Finally, let’s reflect on the question of what is good, bad or acceptable latency? There may be no shortage of opinion in the IT department about this.There is lack of empirical data, but it is generally considered that 20-50ms is good for a business and under 20ms for a small internet service provider tending to < 5ms for the largest internet service providers.

All Features

Rete Anycast Globale

Sicurezza in tutto il mondo grazie a svariati Data Center in ogni continente, per un servizio stabile e fra i più veloci a livello globale.


Scopri di più

 

Intelligenza Artificiale

Scansione continua dei contenuti web tramite AI, con altissima efficacia predittiva nel catalogare i domini in 85 categorie utilizzabili come blacklist.


Scopri di più

 

DNS Intelligence

Investigazione sulle attività in internet mediante machine learning, al fine di prevenire la risoluzione DNS di siti pericolosi o inappropriati.


Scopri di più

 

Protezione da Malware

Sicurezza preventiva da Malware, Ransomware, Botnet, Phishing, e attacchi hacker in genere, tramite blocco della navigazione in domini pericolosi.


Scopri di più

 

Filtraggio di Contenuti

Monitoraggio della navigazione internet in aziende, scuole, PA, famiglie, etc. con filtro dei contenuti espliciti, illeciti, e indesiderati in orari a scelta.


Scopri di più

 

Filtraggio DNS

Protezione in cloud basata su Intelligenza Artificiale, con blocco della risoluzione DNS per i domini che rientrano in categorie indesiderate.


Scopri di più

 

Protezione End-Point

Sicurezza nello smart working e nella didattica a distanza come in sede, mediante agent sui dispositivi remoti, a prescindere dal tipo di connessione.


Scopri di più

 

Geoblocking

Esclusiva protezione su base geografica con blocco totale dei Paesi ad alto rischio malware o compromissione, e possibilità di whitelist per i siti sicuri.


Scopri di più

 

Safe Search

Blocco a livello cloud dei contenuti espliciti (testo, immagini e video) nei risultati di ricerca su Google, Bing, DuckDuckGo e Youtube.


Scopri di più

 

CloudBOX

DNS Cache locale, attivabile su macchina virtuale o fisica, costantemente sincronizzata con il cloud per ottenere prestazioni altissime.


Scopri di più

 

Filtraggio granulare

Personalizzazione e gestione delle diverse politiche di protezione nella propria rete in funzione di utenti, gruppi, comparti, macchine e orari.


Scopri di più

 

MS Active Directory

Integrazione nativa per sincronizzare direttamente utenti e gruppi da MS Active Directory, in modo da assegnare velocemente filtri personalizzati.


Scopri di più

 

Dashboard multi-tenant

Possibilità di amministrare con un unico pannello più clienti, lasciando loro autonomia nella  gestione dei filtri all’interno della propria organizzazione.


Scopri di più

 

Report sull’uso della rete

Resoconti dettagliati, storici o in tempo reale, del traffico per categoria, paese, fascia oraria, etc., con possibilità di invio automatico tramite mail.


Scopri di più

 

Hybrid Box add-on

Integrazione avanzata tra Firewall e Cloud per la rete interna e la mobilità e per una protezione e gestione della rete avanzata.


Scopri di più