DNSFilter
DNSFilter is a cloud-delivered DNS-layer security and content filtering platform used to control and monitor Domain Name System (DNS) queries across networks, endpoints, and users.
- DNS-layer security and threat protection for networks and roaming users
- Cloud-based content filtering and acceptable use policy enforcement
- Phishing, malware, and command-and-control domain blocking using DNS resolution
- Management console for policy configuration, reporting, and multi-tenant administration
- Integrations with existing network, Software-Defined Wide Area Network (SD-WAN), and identity infrastructures
More About DNSFilter
DNSFilter provides a cloud-based DNS security and web content filtering service that organizations use to manage outbound DNS requests before connections are established at the IP or application layer. By enforcing policies at the DNS level, enterprises, schools, and service providers can block access to domains associated with malware, phishing, botnets, and other unwanted or high-risk categories, while allowing or restricting content based on organizational policies.
The platform operates as a recursive DNS service (network security) that customers point their networks, devices, or users to, either directly through DNS settings on routers, firewalls, and endpoint agents, or indirectly through integrations with identity and access management and networking platforms. When a user or device makes a DNS query, DNSFilter evaluates the requested domain against threat intelligence and content classification data. Based on configured policies, the service either resolves the domain, blocks it with a block page or response, or applies customized handling.
DNSFilter is categorized in the Secure Web Gateway (SWG) and DNS security (network security) segments, with capabilities that intersect with web filtering, user protection, and compliance policy enforcement. Unlike full proxy-based secure web gateways that inspect Hypertext Transfer Protocol (HTTP) and HTTPS traffic payloads, DNSFilter focuses on domain-level control, which applies regardless of application protocol and can cover devices where full proxy or agent deployment is less feasible. This can complement endpoint security, firewalls, or Cloud Access Security Broker (CASB) tools by adding an upstream control point at the DNS resolution step.
From an architectural perspective, DNSFilter relies on globally distributed DNS resolvers (network infrastructure) and a cloud management portal (SaaS security management) through which administrators define policies, assign them to networks, users, or groups, and review activity logs and analytics. The system uses DNS protocols such as standard UDP/TCP DNS, and may also support encrypted variants such as DNS over HTTPS or DNS over Transport Layer Security (TLS) where documented. Administrators can configure content categories, threat protection levels, allow or block lists, and identity-aware policies when integrated with directory or Single Sign-On (SSO) platforms.
Typical enterprise and institutional use cases include protecting corporate offices, remote branches, guest Wi‑Fi, and remote workers; enforcing acceptable use policies for education or public-sector environments; and providing managed DNS security as a value-added service by MSPs and ISPs. DNSFilter’s management capabilities allow multi-tenant account structures, role-based access, and reporting across multiple customer environments or locations, which aligns the service with managed security and service provider scenarios.
Within a technology directory, DNSFilter fits under DNS security, SWG, and web content filtering (network security / web security), with an emphasis on DNS-layer enforcement delivered as a cloud service. It is relevant to enterprise architects and security teams evaluating approaches to reduce exposure to malicious domains, standardize internet usage policies, and add an additional control layer that operates independently of specific endpoints, browsers, or on-premises (on-prem) network hardware.