Using the internet is a consistent part of our everyday lives. Watch the video below as Paul talks about how you protect yourself and your privacy while surfing or taking care of business.
Whether just leisurely browsing or signing documents, you want to know you are protected. Having protective DNS is great, but there is no such thing as a perfect DNS firewall or one perfect DNS filtering system.
Let ThreatSTOP help you stop the threats early, before they cause harm or compromise your network security. We can get you started with the knowledge and education you need to protect your users and their devices and build a protective DNS security system. Get in touch with us today and get protected.
Learn More:
What DNS Security Does A Typical Enterprise Need?
Video Transcript
Timestamps
0:00 Intro
0:06 No One Perfect Security Technique
You have to understand, at the start, that there's no one perfect security technique for DNS.
Protective DNS deals with where information is coming from so you can decide whether or not you want to let it pass. Pretty simple.
One of the things it requires is a list of who's naughty and who's nice to help you decide what you want to reject. It turns out that of course there's a whole bunch of policy issues here about whether or not you want to view commercials, whether or not you want to view porn, whether or not you want to view sports. All of these things can be tuned and we're not going to talk about your particular set of choices.
But the point is that again it's rejecting traffic before it enters your network so that it's certainly the most efficient way to do it. It's not to say that endpoint protection. You know, your antivirus in your computers, isn't important, but you have to realize that what that's trying to do is to look inside the content so:
A) it has to have received the contents, and
B) it has to be able to take it apart and understand what's naughty and what's nice, and computer science professors will tell you that it involves a certain amount of computation and you can't do it perfectly.
So lastly, the other technique that people use is behavior. What does it do and that means that you take a piece of suspect material and you put it in what's called a sandbox, and it's a fake environment where you try and see if it's going to do something naughty again. This is something that's complicated and so forth. But it's part of a lot of AV products.
So really what you want is the fast and easy protective DNS, and then you want antivirus backing it up. But doing it in layers means that if any one layer fails, the others may save you.