Switch DNS Firewall

Enhance your organisation's security with the Switch DNS Firewall. Our firewall uses Domain Name System Response Policy Zones (DNS RPZ) to modify specific DNS information. Through this modification, the resolver can return alternative responses to DNS queries for domains with malicious content. This protects all devices before a connection to potentially harmful systems is established.


By blocking access to infected websites, infections can be prevented at their source.



Thanks to our mandate as a .CH domain registry, Switch is able to reliably identify already infected domains and systems. As a DNS firewall customer, you benefit from our expertise and are promptly informed about infected systems in your organisation through security reports.


When a user attempts to access a malicious domain, they are redirected to a secure landing page. This not only improves IT security but also raises general awareness of the dangers on the internet.


The following graphics show the functionality of DNS RPZ and the Switch DNS Firewall:

Specialised in Threat Analysis, Detection, and Incident Response

Thanks to our long-standing expertise as a national Computer Emergency Response Team (CERT), Switch customers benefit from unique security analyses. By combining centralised evaluation as a .CH Registry with other national and international information sources, the Switch DNS Firewall has an up-to-date and reliable database on internet threats.

Switch DNS Firewall Modules

The following modules can be freely combined:

  1. RPZ Feed: Harmful or infected domains identified by Switch are sent in aggregate to your organisation's DNS system. This allows it to recognise and block threatening domains. Switch RPZs are not tied to any specific provider and are supported by all common DNS appliances and server software.
  2. Landing Page: Malicious requests are redirected to a specific landing page. This provides end users with information about blocked access attempts. In addition to HTTP/HTTPS, other protocols and their respective ports are also covered to fully inform users.
  3. Notification of Infected Systems: We promptly inform you, as a customer, of attempted accesses to infected systems through security reports. The reports are based on the DNS-RPZ log data sent from your organisation to Switch. This gives you a comprehensive overview of the current threat landscape within your organisation.

With our redundant system architecture, we guarantee high system availability. Thanks to anycast implementation, latency is also minimised.

Our team is ready to support you with extensive expertise in finding the right solution and integrating the DNS Firewall.




Michael Fuchs

Senior Information & Cyber Security Consultant



Matthias Seitz

Product Manager