CMMC COMPLIANCE
DNS Filtering
Overview of DNS Filtering in OneView
Domain Name System
DNS translates domain names into IP addresses that web browsers and applications use for network communication. When an endpoint attempts to reach a domain, a DNS Resolution request is made to look up the IP address and return it back to the endpoint. The endpoint proceeds to the domain once that IP address is identified.
DNS over HTTPS
DNS over HTTPS (DoH) encrypts DNS network traffic by passing queries through an HTTPS encrypted session. Data privacy and security are improved by only transmitting necessary information during the DoH query process. DoH helps prevent spoofing and man-in-the-middle attacks across protected endpoints.
Hosts file monitoring
A hosts file is a file on the computer that the operating system uses to map hostnames to IP addresses. Modifying the file enables users to access sites without making a DNS Resolution request. The DNS Filtering module monitors the host file for modifications to ensure bypassing is not allowed.
The domain is verified with our module before allowing a user access to a site. The user will not be granted access if the domain registers to a blocked category of a DNS Filtering rule.
DNS Filtering
The DNS Filtering page in OneView grants you control over what users can access on endpoints by blocking malicious websites and filtering out harmful or inappropriate content.
To get started with DNS Filtering, see Create global DNS Filtering exclusions in OneView.
Requirements for DNS Filtering in OneView
Domain Requirements
Domains and sub-domains that are Fully Qualified Domain Names such as (mail.google.com) or Partially Qualified Domain Names such as (google.com) are supported. Single label domains such as (contoso) are not supported.
Feature Requirements
- An active subscription to Malwarebytes Incident Response, Endpoint Protection, or Endpoint Detection and Response.
- An active subscription to the DNS Filtering module.
Endpoint Requirements
Endpoints require the following operating systems to filter network traffic. macOS operating systems are not supported.
- Windows Server: 2022, 2019, 2016, 2012, 2012 R2
- Windows: 11, 10, 8.1
Browser and Operating System Requirements
DNS over HTTPS (DoH) or Secure DNS must be disabled for browsers and operating systems to allow Malwarebytes DNS filtering to operate properly. See the following articles for managing Windows and browser DoH settings via Group Policy.
Note: Look up instructions for your specific browser if DoH needs to be disabled manually on an endpoint.