Skip to content Skip to navigation Skip to footer

Overview

The FortiGuard DNS Filtering Service highlights unusual DNS behavior to boost network protection and improve the detection of malicious activity and compromised systems. It also helps pinpoint the staging areas for rogue domains.

To stop both infiltration and exfiltration attempts, such as a DNS leak, the FortiGuard DNS Filtering Service rejects queries arriving from staging sites over any port or protocol. If compromised devices connect to your network, DNS-layer protection stops any malware they may try to send. It also prevents callbacks from your DNS server to the attackers who may be trying to hijack it. By interrupting this line of communication, the FortiGuard DNS Filtering Service prevents your DNS from being taken over and abused by hackers.

Fortinet Security Fabric Integrations

The strength of Fortinet's platform-driven approach is to enable coordinated workflows including response while customers benefit from a globalized network effect across Fortinet’s worldwide install base. The FortiGuard DNS Filtering Service is integrated into the following Fabric solutions:

 

DNS Prevention Across the Fabric



FortiGate

FortiProxy

FortiDDoS

FortiXDR

FortiTrust

FortiGuard DNS Filtering Use Cases

The FortiGuard DNS Filtering Service protects the integrity and availability of DNS services and helps improve the security, privacy, and reliability of the internet.

/content/dam/fortinet/images/icons/usecases/icon-fortiguard-ips.jpg

PROTECT AGAINST CYBERATTACKS

Protect against cyberattacks such as DNS spoofing and cache poisoning, which can redirect traffic to malicious sites and disrupt internet service.

icon secure private access

ENHANCE PRIVACY

Safeguard user privacy by encrypting DNS traffic and preventing third parties from intercepting or tracking DNS queries.

icon secure internet access

ENSURE RELIABILITY

Prevent disruptions or outages caused by cyberattacks and improve DNS reliability.

Features and Benefits

FORTIGUARD DNS FILTERING

Filters DNS requests based on FortiGuard domain ratings

BOTNET C&C DOMAIN BLOCKING

Blocks DNS requests to known botnet command and control domains

DNS SECURITY EXTENSIONS (DNSSEC)

Uses digital signatures to verify the authenticity of DNS responses

DNS FLOOD PROTECTION

Protects against DNS flood attacks by limiting the number of DNS requests

DNS INSPECTION WITH DOT AND DOH

Supports DNS over TLS (DoT) and DNS over HTTPS (DoH) in DNS inspection

STOPS DOS, DDOS, AND DNS APPLICATION ATTACKS

Performs full inspection of DNS traffic to detect DNS-based application, volumetric, and anomaly attacks

Quick Links

links image 1 139x100

Free Product Demo

Explore key features and capabilities, and experience user interfaces.
resource center icon 139X159

Resource Center

Download from a wide range of educational material and documents.
links image 2 139x121

Free Trials

Test our products and solutions.
contact sales icon 139x85

Contact Sales

Have a question? We're here to help.