Use live threat data to turn DNS servers into true DNS Firewalls

Carlsbad, CA – October 5, 2016 – ThreatSTOP has released the next generation of its cloud-based solution that easily turns any DNS server into a DNS firewall. The service enables automatic blocking or redirection of network communications in accordance with customizable policies. Version 4 adds graphical reporting with drilldowns and enhanced “Check IOC” functionality. The ThreatSTOP® DNS Firewall prevents a broad range of threats including ransomware, drive-by downloads, botnets and other Internet risks from activating and doing their dirty work.

DNS Firewalls are a necessary layer in a defense-in-depth approach to securing networks and systems. Virtually all Internet connections begin with a DNS lookup, regardless of the device used or network type. ThreatSTOP’s DNS Firewall interdicts outbound connections to malicious domains and IP addresses by enforcing custom policies populated with timely threat intelligence using existing DNS servers. No new hardware or software is needed, and the flow of traffic in the network does not need to be reconfigured. Privacy and confidentiality are preserved because queries and data remain in the customer network.

“Every company uses a DNS server to initiate direct connections to domains and IP addresses. Turning that DNS server into a DNS firewall is the easiest and most effective way to secure networks and systems,” said Paul Mockapetris, DNS inventor and Chief Scientist for ThreatSTOP. “Most of the time, if you just shut down the outbound conversations between malware and the attackers, they will lose interest and move on. The real key though is having a layered policy driven enforcement system that allows for multiple response options, custom reports and detailed queries on specific events, and tools to truly understand the nature of the indicators of compromise.”

ThreatSTOP DNS Firewall supports BIND 9.8.1 and later and all its derivatives including: Infoblox, BlueCat, VitalQIP, and EfficientIP; as well as Windows Server 2016, F5, Knot and PowerDNS.

ThreatSTOP’s next generation DNS Firewall is a significant upgrade to the company’s legacy OEM solution distributed by Infoblox, providing:

  • Full customization of policy and action including custom policy elements from user provided data, enabling custom white, black, and greylisting.
  • Powerful new graphical reports that are fully customizable with filtering and scoping
  • An in-depth research tool that enables users to easily navigate between their data and compiled research information
  • A new agile alerting system.

Legacy OEM customers who migrate to the ThreatSTOP branded next generation version can take advantage of one-time support and transition offerings through ThreatSTOP and its channel partners. ThreatSTOP is offering a fully functional free trial for new customers that takes less than 15 minutes to configure.

Key benefits of the next generation ThreatSTOP DNS Firewall are:

  • Automated blocking or redirection of outbound communications per user policy
  • Graphical summary reporting with event and threat indicator drilldowns enable host forensics for immediate remediation or training
  • Easy to install and works everywhere:
    • Requires no new hardware or software
    • No network reconfiguration required: Queries and data never leave the customer network
    • Can be deployed on premise or in the cloud
    • Works with the overwhelming majority of DNS servers, whether physical, virtual, or cloud.
  • Works with the ThreatSTOP IP Firewall service to block inbound attacks

The DNS firewall acts as the perfect complement to the ThreatSTOP IP Firewall, which prevents inbound communications from bad actors. ThreatSTOP is currently offering a “Starter Kit” for companies of any size that includes both the DNS Firewall and IP Firewall for $25,000 per year. Multi-year licenses are available on request. More details available on the ThreatSTOP website

About ThreatSTOP

ThreatSTOP is a network security company offering a cloud-based threat protection service that protects every device and workload on a network from cyberattacks and data theft. It can protect any network, from virtual cloud networks to branch LANs to the largest carrier networks. The service operationalizes threat intelligence to deflect inbound and outbound threats, including botnets, phishing and ransomware, and prevent data exfiltration. For more information, visit

CONTACTS:   Michael Becce, MRB Public Relations, Inc. | (732) 758-1100 x104