What is DNS filtering?
DNS filtering blocks access to malicious or forbidden websites and apps at the DNS level, helping companies secure data and control employee access on managed networks. It prevents threats by blocking the IP addresses of harmful sites before they load on user devices, often targeting categories like gambling, adult content, or sites known for malware.
See also: DNS server, DNS proxy, DNS cache, DNS flushing, DNS hijacking, DNS over HTTPS, DNS port, DNS query, DNS record, DNS redirection, DNS resolution, DNS sinkhole
How DNS filtering works
- DNS query initiation: When a user attempts to access a website, their device sends a DNS query to a DNS resolver.
- Blocklist and allowlist: The DNS resolver checks the query against a blocklist, which contains domains that are deemed harmful or disreputable. Alternatively, it can use an allowlist to only resolve queries for approved domains.
- Refusal to resolve: If the requested domain is found on the blocklist, the DNS resolver refuses to resolve the query, meaning it does not provide an IP address for that domain.
- Access prevention: As a result, the malicious website won’t load or be accessible to the user, effectively protecting them from potential threats.
This filtering process helps organizations maintain control over internet access and enhance security within their networks.