skip to Main Content

Support evolving encrypted
DNS standards with confidence

You can improve privacy through DoT and DoH without losing control over DNS

Stay ahead of
evolving changes

Reduce operational complexity and security risks from unforeseen DoT and DoH issues

Keep it in house

Retain control by not allowing browsers and apps to circumvent internal network infrastructure

Maintain user experience
levels

Block resolution to DoH domains and facilitate a graceful fallback to existing internal DNS

Deliver internal
DNS service

Host internal DoT and DoH resolvers and avoid sending internal DNS traffic to external third-party resolvers

Solve
the challenges and
security risks
sparked by
DoT and DoH

Maintain control over DNS

While DNS over TLS (DoT) and DNS over HTTPS (DoH) were developed to improve DNS privacy, both can create challenges and even potential security risks for network administrators. Worse yet, both protocols circumvent established DNS controls–and are now being deployed on networks through recent browser updates and operating system releases.

Infoblox solutions allow organizations to retain control over their DNS by not only blocking access to external third-party DNS resolvers but also efficiently encrypting these “last mile” DNS requests from DoT and DoH clients.

Key benefits

Maintain security

Major security agencies, including the NSA in the United States, recommend that organizations take steps to reduce the risks these technologies pose. Infoblox helps decrease exposure to data exfiltration and malware proliferation, two threats that DoH can expose protected networks to through back doors.

Preserve performance

The use of cloud DNS may affect subscriber performance since DNS requests via DoT and DoH will need to travel off network. Routing DNS off the network will always make the DNS experience slower. Infoblox resolves this issue, delivering best-in-class DNS services along with efficient encryption for solid security.

Provide visibility

Where are users visiting? Are they accessing objectionable content? With DoT and DoH, network administrators cannot offer DNS-based network-level content filtering and protection. Through the ability to block access to external DNS resolvers and provide internal encrypted DNS resolution, Infoblox enables service providers to maintain control over DNS, with clear visibility into network operations.

Simplify IT operations

Protocols like DoH can make troubleshooting complicated. Support teams need to be trained to identify if DoH clients are installed, or browser-level settings have been altered. With Infoblox, organizations can offer these new encrypted DNS standards internally on their networks while blocking access to external cloud DNS resolvers.

Explore related products

BloxOne®
Threat Defense

BloxOne® Threat Defense

Protect the network, subscribers and the brand with powerful DNS security in a lightweight footprint—delivering automatic monitoring and proactive threat detection.

Infoblox NIOS
platform

Infoblox NIOS platform

Provide the power, agility and scalability they need to deliver the fast, always-on networking experiences necessary to thrive in a hyper-connected age.

High performance and secure DNS caching

High Performance and secure DNS caching

Sustain sub-millisecond latency, provide fast response and maintain service availability.

Advanced
DNS protection

Advanced DNS protection

Guard your DNS against the widest range of DNS attacks and ensure maximum uptime.

As DNS privacy standards evolve,
maintain control over your DNS

Back To Top