ThreatSTOP Blog

How To Protect Your DNS With A Real PDNS Implementation

Written by threatstop | September 30, 2022

When it comes to implementing security for your systems, of course, there are shortcuts you can take. But should you? Watch the video below as Paul walks you through the steps to protect your organization and your DNS with a PDNS implementation.

 

 

There should be no shortcuts when it comes to protecting your security, your systems, your information, or your customers. There is too much information, the information is too invaluable, the damages can harm your business to where there is no coming back from it. Make sure you have the right tools in place to ensure that your systems are locked up tight so your customers can feel safe and you can rest at ease knowing your systems are secure.

Don’t wait until it’s too late. Let ThreatSTOP stop the threats before they reach your doorstep. Get in touch with one of our experts today to get you started. There’s no such thing as getting started too late, but there is such a thing as not starting at all!

 

Learn More:

PROTECTIVE DNS SECURITY or PDNS: What You Need to Know

DNS Defense Cloud

DNS Defense

 

Video Transcripts

Timestamps

0:00 Intro
0:05 Undesirable Content Forms
0:20 Steps To PDNS Implementation

0:05 Undesirable Content Forms

So how is this going to work? Well, the way it's going to work is that we're going to be able to take a look at incoming email SQL queries and web pages, and we're going to be able to pick out the bad guys, the ones I've colored here red. Why don’t we do that. 

0:20 Steps To PDNS Implementation

We'll talk about that but let's talk about a real PDNS implementation. These are the nitty-gritty details that kind of slow you down. The appropriate network, right criteria. Well, you might have to resegment your network. You don't have to deal with DHCP and DNS parameters. You don't know there's lots of organizations where people have come in and plugged in an access point into the network and there went the security of the network because all of a sudden there was an open access point that was there for convenience. 

Knowing what's in your network is the first step. Getting the threat intelligence, again, there's a variety of sources for it. That's not the problem. The problem is being able to customize it to your environment and be able to get the continuous updates. Deploying the threat intelligence RPZ response policy zones is a semi-standard, but implementations vary a little bit. You have to process the results.

You want to make sure that you don't export confidential info in the course of looking at the results. So if you ship your results off to a supplier to be examined and generate reports, well that means they know a lot about what's going on inside your network. That might or might not make you nervous, and then you got to incorporate what's learned. 

Now you might sit back and say, well gee, this is all very complicated. I don't have the security staff and so forth and so on. The good news is that these tasks can, in some cases, be ignored, and in some cases, can be outsourced.