CMMC COMPLIANCE

DNS Filtering

Overview of DNS Filtering in OneView

Malwarebytes DNS Filtering uses the Domain Name System (DNS) to limit the number of domain-based threats on a network. This ensures your company data remains secure while allowing control over what users can access regardless of the connected network.

Domain Name System

DNS translates domain names into IP addresses that web browsers and applications use for network communication. When an endpoint attempts to reach a domain, a DNS Resolution request is made to look up the IP address and return it back to the endpoint. The endpoint proceeds to the domain once that IP address is identified.

DNS over HTTPS

DNS over HTTPS (DoH) encrypts DNS network traffic by passing queries through an HTTPS encrypted session. Data privacy and security are improved by only transmitting necessary information during the DoH query process. DoH helps prevent spoofing and man-in-the-middle attacks across protected endpoints.

Hosts file monitoring

A hosts file is a file on the computer that the operating system uses to map hostnames to IP addresses. Modifying the file enables users to access sites without making a DNS Resolution request. The DNS Filtering module monitors the host file for modifications to ensure bypassing is not allowed.

The domain is verified with our module before allowing a user access to a site. The user will not be granted access if the domain registers to a blocked category of a DNS Filtering rule.

DNS Filtering

The DNS Filtering page in OneView grants you control over what users can access on endpoints by blocking malicious websites and filtering out harmful or inappropriate content.

To get started with DNS Filtering, see Create global DNS Filtering exclusions in OneView.

Requirements for DNS Filtering in OneView

Malwarebytes DNS Filtering has the following requirements:

Domain Requirements

Domains and sub-domains that are Fully Qualified Domain Names such as (mail.google.com) or Partially Qualified Domain Names such as (google.com) are supported. Single label domains such as (contoso) are not supported.

Feature Requirements

  • An active subscription to Malwarebytes Incident Response, Endpoint Protection, or Endpoint Detection and Response.
  • An active subscription to the DNS Filtering module.

Endpoint Requirements

Endpoints require the following operating systems to filter network traffic. macOS operating systems are not supported.

NOTICE – The following system requirements are specific for DNS Filtering. For our Endpoint Protection requirements, see System requirements for OneView.

  • Windows Server: 2022, 2019, 2016, 2012, 2012 R2
  • Windows: 11, 10, 8.1

CAUTION – DNS Filtering is not supported on DNS Servers and will block communications.

Browser and Operating System Requirements

DNS over HTTPS (DoH) or Secure DNS must be disabled for browsers and operating systems to allow Malwarebytes DNS filtering to operate properly. See the following articles for managing Windows and browser DoH settings via Group Policy.

Note: Look up instructions for your specific browser if DoH needs to be disabled manually on an endpoint.