(also content-based filtering)
DNS filtering definition
DNS filtering blocks malicious, disreputable, or forbidden websites and apps at the DNS level. Companies use DNS filtering to ensure that company data remains secure and to maintain control of what employees may access on company-managed networks. DNS filtering blocks the IP addresses of sites deemed a threat before they have a chance to load on user devices. Examples of blocked sites include gambling, adult, or those with a known malware risk.
How DNS filtering works
- DNS queries go to a DNS resolver.
- The DNS resolver may act as a filter by refusing to resolve queries for domains in a blocklist or only resolving queries from an allowlist.
- If a DNS resolver refuses to resolve a query, the malicious website won’t load or be accessible to the user.
Benefits of DNS filtering
- Prevents users from accessing malicious or risky websites.
- Ensures acceptable internet usage policies at work.
- Stops users from visiting phishing websites.
- Prevents file downloads that could be copyright-infringing.
- Blocks users from downloading malware.