NSA, CISA Release Guidance on Benefits of Using Protective Domain Name Systems
The National Security Agency and the Cybersecurity and Infrastructure Security Agency have published a cybersecurity information sheet detailing the benefits and risks of using a Protective Domain Name System.
PDNS was designed to address the lack of trustworthiness of upstream DNS infrastructure and DNS registrations that may be compromised or maliciously provisioned, the NSA and CISA said.
The information sheet explained that the DNS is an important component of the internet, responsible for translating domain names into Internet Protocol addresses, Homeland Security Today reported.
PDNS uses open-source, commercial and governmental threat feeds to classify domain information and block queries linked to malicious domains.
A PDNS service may respond to such threats by not returning an IP address answer or by redirecting to a block page, among other actions, the information sheet said.
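The decision flow described above (classify the queried name against several feeds, then either withhold the answer or redirect to a block page) can be sketched as follows. This is an added example, not code from the information sheet or any listed provider; the feed contents, the category-to-action policy, the `decide` and `suffixes` helpers and all addresses are constructed for illustration.

```python
from dataclasses import dataclass
from typing import Callable, Optional

# Constructed sample data: feed name -> {domain: category}. Not real indicators.
FEEDS = {
    "open_source": {"malware-example.test": "malware"},
    "commercial": {"phish-example.test": "phishing"},
    "government": {"malware-example.test": "malware"},
}
# Hypothetical policy: what the resolver does per category.
POLICY = {"malware": "nxdomain", "phishing": "redirect"}
BLOCK_PAGE_IP = "192.0.2.53"  # documentation address standing in for a block page


@dataclass(frozen=True)
class Decision:
    qname: str
    action: str                 # "resolve", "nxdomain" or "redirect"
    answer: Optional[str]       # IP handed back to the client, if any
    matched: Optional[str]      # feed entry that triggered the block
    sources: tuple              # feeds that listed the entry


def suffixes(qname: str):
    """Yield the name and each parent domain, most specific first."""
    labels = qname.lower().rstrip(".").split(".")
    for i in range(len(labels)):
        yield ".".join(labels[i:])


def decide(qname: str, upstream: Callable[[str], Optional[str]]) -> Decision:
    """Classify a query against every feed before it reaches the upstream resolver."""
    for name in suffixes(qname):
        hits = {feed: entries[name] for feed, entries in FEEDS.items() if name in entries}
        if hits:
            category = sorted(hits.values())[0]
            action = POLICY.get(category, "nxdomain")
            answer = BLOCK_PAGE_IP if action == "redirect" else None
            return Decision(qname, action, answer, name, tuple(sorted(hits)))
    return Decision(qname, "resolve", upstream(qname), None, ())


# Constructed upstream answers so the example runs offline.
UPSTREAM = {"intranet.example.test": "198.51.100.10",
            "notmalware-example.test": "198.51.100.20"}

if __name__ == "__main__":
    for q in ("Login.Phish-Example.test.", "cdn.malware-example.test",
              "notmalware-example.test", "intranet.example.test"):
        print(decide(q, UPSTREAM.get))
```

Matching on whole labels means subdomains of a listed domain are blocked while a look-alike such as `notmalware-example.test` is not, and recording the matched entry and its feeds gives analysts the context to review each block.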
CISA and the NSA urged organizations to evaluate their own architectures and specific needs when choosing a PDNS service provider. The agencies stressed that the guidance is not meant to serve as an endorsement of any provider.
The guidance does include a list of commercial PDNS offerings classified based on their reported capabilities. The list includes Akamai ETP, BlueCat Networks DNS Edge, Cisco Umbrella DNS SE, EfficientIP DNS Guardian, Neustar UltraDNS and Nominet Protective DNS.
The sheet marks them based on their ability to block malware and phishing domains, filter content, make use of machine learning and heuristics, support application programming interface access and enable customizable policies, among other capabilities.
According to the agencies, the document was published to advance their mission to disseminate information on threats to national security systems, the Department of Defense, the defense industrial base, the U.S. government and critical infrastructure systems.