The SWITCH DNS Firewall Service protects any device that uses the Domain Name System (DNS). This is an ideal service to add to existing web security services. Ultimately, a simple way for organisations to save on ICT support is by effectively protecting themselves against cyber attacks.
For years, the SWITCH foundation has been fighting cyber criminals on the Internet, taking a proactive approach to dealing with malware, phishing and fraudulent webshops. The SWITCH DNS Firewall, available since 2015, offers customers a key component for comprehensive Internet security within their organisations. With minimal outlay, they can prevent infections or identify systems already infected.
The SWITCH DNS Firewall is a simple means of developing a more acute awareness of dangerous websites, particularly in companies where internal security awareness may be inadequate. In view of increasing threats on the web and the associated potential for financial and reputational damage to companies, the SWITCH service has been very well received by IT managers. One thing they particularly value about this additional service is its ease of use. Most Swiss universities already use the SWITCH DNS Firewall. Increasingly, the service is now also being used by banks and other companies in the private sector.
"We use the Response Policy Zones managed by SWITCH, with hits analysed by SWITCH as well. This has led to a significant improvement in malware prevention and detection with a relatively small amount of effort. Even though we are logging quite a lot of hits, the level of acceptance among our users is very high. Generally speaking, DNS Firewall has become an efficient cornerstone of IT security at HSR."Roman Rüegg, IT Security Officer, University of Applied Sciences, Rapperswil
Domain Name Service response policy zones (DNS RPZ) allow the targeted overwriting of DNS information, making it possible to generate alternative responses to DNS queries. This is a skilful means of preventing visits to criminal websites. An organisation’s recursive DNS servers are specially configured to selectively block queries for dangerous domain names which carry the risk of phishing or malware, and re-routes them to a secure landing page. This technology makes it possible to protect any device – including mobile and server devices – from malicious external systems, even before a connection is established.
Even more than technology, it is the professionalism of SWITCH-CERT that makes the SWITCH DNS Firewall service so successful. The customer receives a threat list focussed on Switzerland, based on a unique mix of current and relevant data that SWITCH-CERT compiles from its national and international activities. This expertise is the product of SWITCH-CERT’s years of in-depth security experience. That includes analysis of current malicious software, from malicious domains to the registry operations of the TLDs .ch and .li, as well as analysis and classification of national and international data feeds.
"Using the SWITCH DNS Firewall, unfortunate users are redirected to an internal web page informing them about the risks of browsing the WWW. We have had great experience with it, also thanks to the quick response of SWITCH to our queries."Stefan Lüders, Head of Computer Security, CERN
In sum, the benefits SWITCH DNS Firewall provides the organisation relate to the following parameters: