This story is from the category Services and the dossier Security and stability

Reducing IT risks at the DNS level

The SWITCH DNS Firewall Service protects any device that uses the Domain Name System (DNS). This is an ideal service to add to existing web security services. Ultimately, a simple way for organisations to save on ICT support is by effectively protecting themselves against cyber attacks.

Text: Séverine Jagmetti, published on 26.09.2017

For years, the SWITCH foundation has been fighting cyber criminals on the Internet, taking a proactive approach to dealing with malware, phishing and fraudulent webshops. The SWITCH DNS Firewall, available since 2015, offers customers a key component for comprehensive Internet security within their organisations. With minimal outlay, they can prevent infections or identify systems already infected.

The SWITCH DNS Firewall is a simple means of developing a more acute awareness of dangerous websites, particularly in companies where internal security awareness may be inadequate. In view of increasing threats on the web and the associated potential for financial and reputational damage to companies, the SWITCH service has been very well received by IT managers. One thing they particularly value about this additional service is its ease of use. Most Swiss universities already use the SWITCH DNS Firewall. Increasingly, the service is now also being used by banks and other companies in the private sector.

"We use the Response Policy Zones managed by SWITCH, with hits analysed by SWITCH as well. This has led to a significant improvement in malware prevention and detection with a relatively small amount of effort. Even though we are logging quite a lot of hits, the level of acceptance among our users is very high. Generally speaking, DNS Firewall has become an efficient cornerstone of IT security at HSR."

Roman Rüegg, IT Security Officer, University of Applied Sciences, Rapperswil

DNS RPZ as protective shield

Domain Name Service response policy zones (DNS RPZ) allow the targeted overwriting of DNS information, making it possible to generate alternative responses to DNS queries. This is a skilful means of preventing visits to criminal websites. An organisation’s recursive DNS servers are specially configured to selectively block queries for dangerous domain names which carry the risk of phishing or malware, and re-routes them to a secure landing page. This technology makes it possible to protect any device – including mobile and server devices – from malicious external systems, even before a connection is established.

SWITCH-CERT provides the foundation

Even more than technology, it is the professionalism of SWITCH-CERT that makes the SWITCH DNS Firewall service so successful. The customer receives a threat list focussed on Switzerland, based on a unique mix of current and relevant data that SWITCH-CERT compiles from its national and international activities. This expertise is the product of SWITCH-CERT’s years of in-depth security experience. That includes analysis of current malicious software, from malicious domains to the registry operations of the TLDs .ch and .li, as well as analysis and classification of national and international data feeds.

"Using the SWITCH DNS Firewall, unfortunate users are redirected to an internal web page informing them about the risks of browsing the WWW. We have had great experience with it, also thanks to the quick response of SWITCH to our queries."

Stefan Lüders, Head of Computer Security, CERN

In sum, the benefits SWITCH DNS Firewall provides the organisation relate to the following parameters:

  • Prevention: blocking access to infected sites thwarting internal infection.
  • Detection: the SWITCH DNS Firewall service detects any previously infected computers.
  • Security reports ensure the customer is promptly notified of any such infections
  • Awareness: a parameterised landing page makes employees more vigilant when they access websites.
  • Efficiency: eliminate infections much more quickly to reduce the risk of harm. Finally, the company requires less overall ICT support.
Contact person

Michael Fuchs

Solution Consultant
phone +41 44 268 16 27
e-Mail

Try out SWITCH DNS Firewall free for 60 days

You have the option of a 60-day free trial of the service. Please get in touch with our Solution Consultant Michael Fuchs, tel. +41 44 268 16 27 or the Security Team, +41 44 268 15 40 (office hours).

SWITCH-CERT – a leading national centre of expertise

SWITCH has been working hard to make the Internet a safer place for more than 20 years and is one of the leading Swiss organisations for local threat intelligence, detection and incident response. SWITCH-CERT sets itself apart in a number of ways:

  • local threat intelligence and detection based on monitoring, malware analysis and correlation from a variety of sources
  • a track record stretching back some ten years as CERT for a number of Swiss banks
  • extensive experience in managing and moderating trusted communities at the highest level of trust
  • a national and international network of partnerships and CERT communities built up systematically over 20 years and actively nurtured
  • its own data network for the Swiss academic community with around 400,000 users as a basis for monitoring
  • a unique combination of CERT and ccTLD registry
Other articles