In this post we explain DNS blocking and why and how a DNS block is put in place, but first lets cover what the DNS is and why it is necessary.
What is the Domain Name System (DNS)?
A unique IP address is assigned to every device connected to the internet, which allows the devices to be identified and located. An IP address is a computer-friendly number, but IP addresses are difficult for people to remember. To make it easy to find web resources, human-friendly domain names are used.
In addition to the Domain Name System (DNS) acting as a naming convention for websites, it is also an address book for the internet. When you attempt to visit a website using your web browser, before the website can be accessed it needs to be located and that requires an IP address.
A query is sent to a recursive DNS server, which contacts other servers looking for the IP address. If the website exists, an IP address will be provided to the browser to allow the website to be accessed. DNS servers are maintained by your internet service provider. For example, AT&T uses DNS servers with the IP addresses 22.214.171.124 and 126.96.36.199 that perform DNS lookups to find IP addresses.
What is a DNS Block?
A DNS block is used to prevent users from accessing certain websites. With a DNS block in place, the IP address of a website will not be returned when a DNS lookup is performed. A DNS block may be put in place by an internet service provider to prevent its customers from accessing illegal web content. To get around the DNS block, you would need to use a different DNS server that does not have a DNS block in place.
Modern web filters use DNS blocking to restrict access to certain types of web content such as social media networks, pornographic material, dating sites, gaming sites, and file sharing sites to enforce their internet usage policies. DNS blocking is also used to prevent users from visiting websites that harbor malware and other malicious content.
DNS blocking is an efficient method of content control. Since DNS blocking occurs at the DNS lookup stage before any content is downloaded, the process is very quick. There is next to no latency with web filters that use DNS blocking. The easiest way to block DNS and control the types of content that can be accessed is to use a DNS-based web filter.
DNS Blocking and Internet Control
When you sign up to use a DNS-based filtering service, the service provider will give you the IP addresses of their DNS servers, which are used instead of the DNS servers provided by your ISP.
A DNS-based filtering service provider maintains a database of categorized websites and handles DNS lookups. When a query is sent to the service provider to find an IP address for a website, an IP address will only be returned if the service provider deems the website safe and if the site does not violate content control policies. If a request is received to visit a prohibited website, instead of the IP address being provided, the user will be directed to a local DNS block page that explains that the website cannot be viewed because it violates the organization’s internet usage policies.
Users of the service are provided with a web-based interface that they can use to set policies covering the types of websites that are permitted or prohibited. Though that interface, organization-wide controls can be applied, and content control policies can be set for different departments or offices, user groups, and individual users.
Start Filtering the Internet with WebTitan Cloud
WebTitan Cloud is a DNS-based web filtering solution that can be used to carefully control the types of web content that can be accessed by users on wired and Wi-Fi networks. WebTitan Cloud is used by SMBs, MSPs and ISPs to prevent malicious, illegal, and other prohibited web content from being accessed.
In addition to blocking malware, ransomware, and phishing attacks, WebTitan Cloud can be used to prevent cyberslacking by restricting access to productivity sinks such as social media websites and to restrict bandwidth use by limiting access to video streaming websites.
WebTitan Cloud can be implemented in 5 minutes, it is easy to configure and use, and it allows precise control over the types of content that can be accessed.
If you are an ISP, MSP, or SMB that wants to exercise control over internet content, give the TitanHQ team a call today. Our sales technicians will be happy to explain how WebTitan Cloud works and the best way to implement the solution in your organization. You can also take advantage of a free trial to evaluate the full solution in your own environment before making a decision about a purchase.