NEWS FROM THE EDGE

Tech Tips and Advice from the Experts at Dynamic Edge

A Regular Person’s Guide to DNS Filtering

As a “regular” person going to work every day, perhaps even as a business owner, you likely understand that cybersecurity works in layers. However, you may not know how many layers comprise your cybersecurity solution or the specific objective of each layer in place. Any worthy cybersecurity solution includes DNS filtering as a critical layer. This brief article defines DNS, explains how it works, describes the purpose of DNS filtering, and identifies the many threats it prevents.

What is DNS?

Domain Name System, or DNS, acts as the phonebook of the internet. Instead of thumbing through pages to find a name and its corresponding number, the DNS automatically translates domain names (such as www.dynedge.com) into IP addresses, the unique numerical labels required for devices to load the website. Without the DNS, we would have to memorize IP addresses for every site we visit, a daunting and inefficient prospect.

How Does DNS Work?

Like so many network processes we take for granted, DNS works so quickly that we hardly recognize its importance.  In approximately one second, the DNS process follows these seven steps:

  1. User Input: It begins when you type a domain name (URL) into your web browser.
  2. Browser’s Initial Check: Before reaching out to the vast internet, your browser checks its local cache to see if it already knows the IP address for the domain. If it’s there, the process moves directly to connecting to the website.
  3. Operating System Inquiry: If the browser doesn’t have the information cached, it asks the computer’s operating system to find it. The OS, too, has its own cache.
  4. Contacting Recursive DNS Servers: If the OS doesn’t have the IP address cached, it reaches out to recursive DNS servers, typically provided by your Internet Service Provider (ISP). These servers have their own caches, populated by recent user requests.
  5. Seeking Authoritative DNS Servers: If the recursive server doesn’t know the IP address, it queries authoritative DNS servers. These servers store DNS records for domain names. The search begins at the top level with root servers, then moves down to TLD (Top-Level Domain) servers (like .com or .org), and finally to the domain’s specific authoritative server.
  6. Receiving the IP Address: The authoritative server provides the IP address to the recursive server, which sends it back to your computer.
  7. Website Connection: With the IP address obtained, your browser can finally connect to the web server hosting the website, and the site is displayed.

In essence, DNS simplifies our web browsing experience, turning human-friendly names into computer-friendly numbers seamlessly and quickly.

Where Does DNS Filtering Fit In?

DNS filtering takes place during the “Seeking Authoritative DNS Servers” step. Instead of immediately translating any domain, the DNS server first checks the requested domain against a list. If the site is on a ‘blocked’ list due to harmful content or other reasons, the DNS server will not return the IP address, and the user won’t be able to access it.

Benefits of DNS Filtering

DNS filtering serves as an important, proactive measure to ensure online safety and productivity. Numerous benefits include:

  1. Protection Against Malicious Sites: At the forefront of its advantages, DNS filtering effectively blocks access to known harmful websites, such as those hosting malware or phishing schemes. Before a user even reaches the site, DNS filtering stops the connection, greatly reducing the risk of security breaches.
  2. Enhanced Productivity: For businesses, unrestricted internet access can lead to decreased productivity. DNS filtering can restrict access to distracting sites, such as social media or entertainment platforms, ensuring that employees remain focused during work hours.
  3. Safe Online Environment: For institutions like schools, ensuring a safe online environment is crucial. DNS filtering can prevent access to inappropriate or harmful content, ensuring that young users have a safe browsing experience.
  4. Low Maintenance and Upkeep: Unlike other security measures that require frequent updates, DNS filtering relies on vast, constantly updated databases of malicious and unwanted sites. This ensures that protection remains current with minimal manual intervention.
  5. Reduced Network Load: By preventing unwanted traffic from accessing the network in the first place, DNS filtering can contribute to a faster and more efficient network experience.
  6. Flexible Control: DNS filtering allows for tailored access. Depending on the needs of an organization, specific sites or categories can be blocked or allowed, offering a customizable approach to internet access.

DNS Filtering vs. Web Filtering

While both DNS filtering and web filtering regulate access to online content, there are significant differences between the two solutions:

Regarding operations:

  • DNS filtering operates at the domain level. It checks the requested domain against a list and, if flagged, blocks access before any connection to the website is made.
  • Web filtering works at a more granular level. It inspects the actual content of web pages, allowing it to block specific pages or elements within a site, even if other parts of the site are permissible.

Regarding resource usage:

  • DNS filtering is typically faster and less resource-intensive as it stops the process before a connection to the malicious site is established.
  • Web filtering might be more resource-demanding since it scrutinizes the content in real-time, which can occasionally slow down browsing.

Regarding flexibility:

  • DNS filtering offers broader strokes of protection, blocking entire domains.
  • Web filtering provides finer control, enabling organizations to block specific content types or pages, even within generally trusted sites.

Why organizations need both:

  • While DNS filtering can swiftly prevent access to known harmful domains, it can’t delve into the nuances of individual page contents. Web filtering steps in and catches threats or inappropriate content that exists on generally reputable sites.
  • Furthermore, the evolving nature of cyber threats means that relying on just one method exposes vulnerabilities. Together, DNS filtering and web filtering ensure that potential dangers, whether at the domain or page level, are addressed, granting organizations a more robust and comprehensive defense against the myriad of online threats.

Dynamic Edge Can Help

Since 1999, Dynamic Edge has helped hundreds of small and mid-sized businesses maximize the return on their technology investment. Contact us today for a free network assessment, so that we may help you implement cost-effective security solutions to keep your organization and its clients safe and productive. Our Help Desk features friendly, experienced engineers who answer calls live and solve more than 70% of issues on the first call.

5 1 vote
Article Rating
Subscribe
Notify of
guest
0 Comments
Oldest
Newest Most Voted
Inline Feedbacks
View all comments