CISA’s Protective DNS Service Now Available to Federal Agencies

The Protective Domain Name System is being deployed to federal agencies by the Cybersecurity and Infrastructure Security Agency to protect against internet traffic risks and strengthen the government’s cyber posture. Partner agencies gave CISA’s Quality Services Management Office input regarding functionality during the development of Protective DNS, which generates real-time logs and reports that provide visibility into agency networks. According to Eric Goldstein, CISA’s executive assistant director for cybersecurity, the system equips federal organizations with modern threat detection tools and bars users from accessing malicious destinations, FCW reported.

Goldstein outlined other ways Protective DNS would protect government networks in a blog post on Tuesday. One key feature he mentioned is that the system will cover on-premises networks, cloud-based assets and mobile devices from any location. It also contains commercial threat intelligence feeds and conforms to zero trust principles.

Protective DNS is one of three shared services that CISA offers, the others being vulnerability disclosure policy and security operations center-as-a-service. The agency’s Cyber QSMO is the shared services provider for cybersecurity solutions for the entire federal government, receiving the designation in 2020. It is a market hub for standardized cybersecurity products that also provides adoption and integration support for customers. In 2021, the office announced that it would expand its offerings to include security capabilities for smartphones, tablets and other devices.