Hello, Guest!

Cybersecurity

NSA, CISA Release Guidance on Benefits of Using Protective Domain Name Systems

Internet

NSA, CISA Release Guidance on Benefits of Using Protective Domain Name Systems

The National Security Agency and the Cybersecurity and Infrastructure Security Agency have published a cybersecurity information sheet detailing the benefits and risks of using a Protective Domain Name System. 

PDNS was designed to address the lack of trustworthiness of upstream DNS infrastructure and DNS registrations that may be compromised or maliciously provisioned, the NSA and CISA said.

The information sheet explained that the DNS is an important component of the internet, responsible for translating domain names into Internet Protocol addresses, Homeland Security Today reported

PDNS uses open-source, commercial and governmental threat feeds to classify domain information and block queries linked to malicious domains.

A PDNS service may respond to such threats by not returning an IP address answer or by redirecting to a block page, among other actions, the information sheet said.

CISA and the NSA urged organizations to evaluate their own architectures and specific needs when choosing a PDNS service provider. The agencies stressed that the guidance is not meant to serve as an endorsement for any provider.

The guidance does include a list of commercial PDNS offerings classified based on their reported capabilities. The list includes Akamai ETP, BlueCat Networks DNS Edge, Cisco Umbrella DNS SE, EfficientIP DNS Guardian, Neustar UltraDNS and Nominet Protective DNS.

The sheet marks them based on their ability to block malware and phishing domains, filter content, make use of machine learning and heuristics, support application programming interface access and enable customizable policies, among other capabilities.

According to the agencies, the document was published to advance their mission to disseminate information on threats to national security systems, the Department of Defense, the defense industrial base, the U.S. government and critical infrastructure systems.

Potomac Officers Club Logo
Become a Potomac Officer Club Insider
Sign up for our weekly email & get exclusive event, and speaker updates, and find networking opportunities to connect with GovCon decision makers.

Category: Cybersecurity