DNS Filtering: How Does It Work?

So, how does DNS filtering work?

The short answer: DNS filtering gives you the ability to filter bad or unwanted content at the DNS level. DNS filtering works by categorizing every single domain you attempt to access and cross-referencing those categorizations and domain names with policies you've determined you want to block. If you want to block all social media sites and attempt to access a brand new social media site, you won't be able to because your policy will stop you. DNS protection solutions, like DNSFilter, include DNS filtering as a feature.

What does DNS do?

Any website you type into your browser has a separate IP address that it is connected to. What holds all these IP addresses? The Domain Name System, or known as "DNS". Some people compare this to a phonebook for the internet. Your web browser understands what to load when given an IP address. The DNS retains domain names, like dnsfilter.com, to the IP addresses so your browser can load these websites for you.

How did we land on this system?

In the ‘70s, the internet’s precursor was called ARPAnet. ARPA stood for Advanced Research Projects Agency Network.

A critical component of ARPAnet was a file called “HOSTS.TXT.” This was a single file housed at the Stanford Research Institute called “HOSTS.TXT” which, true to its name, held all of the information about the hosts. Similar to the modern-day internet, users of ARPAnet could access the “host files” (what we would call “domains”), but everything was routed through a single file, and a single computer.

As you can imagine, updating this HOSTS.TXT file became cumbersome. The system couldn’t scale, and it was relatively easy to make the system go down. For instance, there was nothing in place preventing someone from adding a duplicate “host” to the master file. Imagine if someone tried to add a second “Facebook.com” to the internet! Likely, Facebook would be down for a little while until someone fixed the mistake.

Because there was nothing in place to prevent this duplication, affected hosts and systems could be taken offline if someone made the mistake of adding, for instance, a second “Facebook.com”.

From this experiment, DNS was born. DNS is a hierarchical and decentralized naming system that ensures all names are completely unique. And because DNS servers are distributed (i.e., not located in a single place), it has allowed the internet to grow the way it has.

We’re now at nearly 2 billion domains!

Now what does DNS filtering do?

We gave the short answer earlier but for the long answer on how DNS filtering works, this blog post will cover DNS basics, what DNS filtering is, and why everyone needs it.

dns filtering

What is DNS filtering (and how does it work)?

If DNS is the phonebook, think of DNS filtering as a caller ID system that can enable call blocking.

With DNS filtering, when you type in a website’s domain, a filtering process takes place between the IP address being retrieved and the page being displayed. This filtering process categorizes the site into a variety of groupings that include news and media, social networking, malicious, illegal content, and much more.

Businesses put DNS filters in place to block employees or guest Wi-Fi users from specific sites. A business might choose to block social media sites during work hours for their employees or illegal content for both employees and public Wi-Fi guests. A DNS filtering system will always block users from malicious content.

Once a website has been categorized, the filter will either display the page or block it depending on the parameters set up ahead of time by the business. So if you’re trying to access Facebook during work hours at a company that has blocked the site, you’ll see something like this:

lightning fast DNS

Like this example, block pages are usually customizable. If you encounter a company block page, you might see your company’s logo with a note that they’re the ones who are blocking you.

Why do we need DNS filtering?

Though we touched on it in the previous section, DNS filtering is not just about employers blocking sites they don’t want their employees to access. It’s also a very important cybersecurity measure that prevents you from accessing malicious sites that can administer phishing, ransomware, or cryptojacking attacks.

Unfortunately, there are a lot of people who compromise websites in order to trick people into handing over their login credentials, scamming them out of money, and causing businesses to be shut down.

And if you remember, there are almost 2 billion domains out there. And roughly 200,000 new domains every day. Those are a lot of opportunities to run into a malicious site without realizing it.

Even previously “safe” websites aren’t always safe, as they may become compromised. That’s why going with a DNS protection solution with an advanced AI is a must. It keeps employees and guest Wi-Fi users safer because it doesn’t just check a list of safe domains, it actually scans the page.

Omitting DNS filtering from your cybersecurity is a huge business risk. It puts pressure on employees to assess risks on their own, when they might not have the skills or training to do so.

Get your free trial of DNSFilter today to prevent you and your employees from accessing malicious content.

  • There are no suggestions because the search field is empty.
Latest posts
Fall 2023 G2 Awards Are Here: 29 Badges and Counting For DNSFilter Fall 2023 G2 Awards Are Here: 29 Badges and Counting For DNSFilter

DNSFilter has been named a leader in Secure Web Gateway, DNS Security, and Web Security categories on G2, earning an impressive 29 badges and named in 29 reports. This includes new badges such as High Performer EMEA and Leader Americas in the Web Security category. 

These accolades are a testament to our commitment to our customers. We are particularly proud of our badges for ease of implementation, administration, and quality support. Providing ...

DNSFilter CEO Reacts to France’s “Bill to Secure and Regulate the Digital Space” DNSFilter CEO Reacts to France’s “Bill to Secure and Regulate the Digital Space”

At the end of June, Vint Cerf, one of the “fathers of the internet” published an article on Medium in response to a drafted bill by the French Republic. You can read the original French proposal here, but we’ll also include a version translated into English at the bottom of this article.

First, let me provide a quick summary of what the bill is proposing:

Spurred on by the proliferation of cyber threats and attacks, the government of France is pr...

Your Security Stack & Fantasy Football Team Have More in Common Than You'd Think Your Security Stack & Fantasy Football Team Have More in Common Than You'd Think

If you’re a football fan like many of us at DNSFilter, it’s possible you have a fantasy league in the office or with your friends. Our #sportsball slack channel is keeping many of us going as the weather cools down and the days get shorter. It’s a fun way to discuss and track the football season (and potentially win bragging rights and the respect of your fantasy prowess). 

Now you might be thinking, “How on Earth could fantasy football possibly ...

Explore More Content

Ready to brush up on something new? We've got even more for you to discover.