The National Security Agency (NSA) and Cybersecurity and Infrastructure Security Agency (CISA) highlighted in a recently released cybersecurity information sheet the importance of implementing a Protective Domain Name System (PDNS) service to enhance internet defense against cyber attacks.
NSA said Thursday that the Selecting a Protective DNS Service publication also contains information about effective ways of PDNS implementation, criteria for choosing a security service provider and a list of different PDNS providers' offerings.
PDNS works to enable threat mitigation and DNS query analysis through the use of DNS protocols and architecture. The service also provides network security and phishing and malware protection by categorizing domain information and preventing queries to identified malicious domains based on threat feeds from open source, government and commercial industry.
The sheet does not specifically endorse any PDNS products but provides NSA and CISA customers with a summary of services that they can analyze to determine which PDNS providers meet their respective needs.
NSA also shares the findings of a six-month PDNS program that saw several defense contractors employing a PDNS as a service that analyzed over 4 billion DNS queries and stopped identified malicious domains from connecting with participating networks.
The NSA pilot was launched in partnership with the Cyber Crime Center of the Department of Defense.