What Is DNS Security?
DNS security helps protect users from cyberthreats both on and off corporate networks. Top-tier DNS security tools also improve the user experience, speeding up connection requests, while blocking malicious traffic and mitigating data exfiltration.
Cisco Umbrella Overview Video
Cisco Umbrella DNS security
Umbrella DNS cloud-delivered security service uplevels your security and visibility against Internet-based threats, and protects your users, everywhere, in minutes. Users gain better performance, and administrators can enforce a common set of security policies, from any location.
How does DNS security work?
DNS security solutions deploy DNS protection that should be able to:
- Monitor endpoint and network device DNS requests
- Leverage continually updated threat intelligence to block risky sites
- Help meet compliance mandates by enforcing filtering and blocking policies
- Maintain fast and safe connectivity
How do I ensure strong DNS protection?
- Respects user and corporate privacy
- Provides visibility and control via DNS
- Protects users and prioritizes alerts
- Utilizes DNS security extensions
- Supports all major endpoints and operating systems
Is DNS security really necessary?
- Sensitive data theft
- Malware, phishing, and ransomware attacks
- Web and non-web callbacks from compromised systems
What are common types of DNS attacks?
What is DNS hijacking?
DNS hijacking is an attack in which threat actors exploit vulnerabilities to take over a DNS server and redirect all traffic to a malicious website.
What is DNS spoofing?
DNS spoofing is a deceptive DNS attack that involves using a poisoned cache to redirect internet traffic to a malicious website that appears legitimate but is designed to install malware or capture sensitive data.
What is DNS poisoning?
DNS poisoning (also called cache poisoning) is a technique threat actors use to swap DNS data with a malicious redirect.
What is DNS tunneling?
DNS tunneling is an attack technique used by adversaries to exfiltrate data via a DNS-based channel. Attackers attempt this by encoding data of other programs and protocols into DNS queries. Detecting and responding to DNS tunneling attacks and exfiltration attempts is a vital part of any DNS security service.
What is DNS amplification?
DNS amplification is a type of distributed denial of service (DDoS) attack that exploits DNS server vulnerabilities to amplify small requests into larger payloads, causing the server to crash.
What are the best types of DNS security capabilities?
DNS-layer security solutions protect networks from cyberthreats by securing DNS requests. Cisco Umbrella is a protective DNS service that uses Cisco Talos threat intelligence to block attacks before they reach the network.
DNS monitoring involves the continuous monitoring of DNS traffic and DNS servers for potential security issues. Recursive DNS monitoring services instantly perform a security check when a user attempts to access a website and blocks connections to risky sites.
DNS filtering is a tool used to block access to malicious websites and other harmful online content. It can be used to protect against DNS attacks, such as DNS hijacking, by blocking traffic to malicious sites.
DNS Security Extensions (DNSSEC)
DNSSEC validates DNS requests by digitally signing them with cryptographic signatures. This helps protect against attacks like DNS spoofing and DNS poisoning by ensuring the integrity of DNS data. Cisco Umbrella uses DNSSEC.
Integrated security unifies threat management (internet, email, and endpoint security) to close security gaps. Solutions like Cisco Umbrella achieve this by unifying DNS-layer security with secure web gateway, cloud access security broker (CASB), data loss prevention (DLP), remote browser isolation (RBI), and more.
Related security topics
Cisco Umbrella security blogs
ABCs of DNS
DNS-Layer Security: What It Is and Why You Need It
The Difference Between Authoritative and Recursive DNS Nameservers
DNS-layer Security for Small Businesses
Detect and Prevent Ransomware Attacks with DNS Security
Use DNS Data to Drive Better Security Decisions