Skip to main content
What is a Site?
Updated over 10 months ago

DNS Guard is a solution that protects your network actively by monitoring and filtering DNS traffic. A Site is a server that processes your DNS queries. In this article, we'll deep-dive into the specifics of a DNS Guard.

DNS Flow

When a device wants to connect with a website, server, or other destination, it will use DNS to look up an IP address. The simplified process looks like this:

Diagram+zonder+titel.drawio

The DNS server can be compared with a very large phone book. It knows the IP addresses of many destinations on the internet.

When DNS Guard is used, the device won't query a "normal" DNS server but will query the SecurityHive DNS Guard Site. It is a DNS server that has the ability to monitor, filter and protect the traffic. It filters out bad traffic and prevents a device from connecting to a malicious or unwanted destination.

Functions of a DNS Guard Site

A DNS Guard server is a single instance with a configured set of rules. Creating one or more DNS Guard Sites in your environment is possible.

A DNS Guard Site has the following properties:

  • Filter traffic based on filter lists (popular lists maintained by open-source projects to block unwanted traffic).

  • Filter traffic based on categories (like Tracking, Phishing, Porn, Ransomware, Crypto, Piracy, Gambling Torrent, Drugs, Fraud, and more).

  • Filter traffic based on customizations (block or allow specific destinations yourself).

  • Filter traffic based on our Threat Intelligence Feeds (real-time updates of potential security threats).

  • Enable/disable filtering (disabled option only resolves traffic).

  • Enable Cache Boost (enforce a minimal TTL to increase cache hits and gain a performance boost).

  • Specify upstream DNS servers.

  • Receive/answer DNS over HTTPS (DoH) requests

  • Receive/answer plain DNS queries

Getting started is very easy. Create a DNS Guard Site in the Portal and configure your device(s) and network to use DNS Guard.

Did this answer your question?