Protective DNS

Preventing Cyberattacks: The Need for Protective DNS Solutions

In minutes, domain names, IP addresses and other Internet identifiers can be crafted or acquired by bad actors for predatory purposes including unwanted traffic, malware distribution, confusing similarities, pump and dump schemes, and every other nefarious activity which relies on high-quality DNS service.

To counter fast-evolving threats, enterprises need effective, easy-to-use Protective DNS solutions based on real-time intelligence. Protective DNS is a set of security services, including DNS Firewalls, developed to protect enterprises against the abuse of Domain Name System (DNS) assets, including domain names and IP addresses.

Farsight Protective DNS Solutions

Farsight has offered Protective DNS technologies since 2014, when the company first launched Newly Observed Domains (NOD). Among the Protective DNS solutions we offer:


Newly Observed Domains (NOD)


Newly Active Domains (NAD)

Response Policy Zones (RPZ) is a distributed DNS Firewall solution first created by current members of the Farsight team in 2010. RPZs have become a go-to security tool for enterprises, who can select their preferred commercial and open-source policy RPZ feeds that address their specific security threats, from phishing and ransomware to Domain Generation Algorithm (DGA) botnets and more.

Farsight Security has longstanding partnerships with ThreatSTOP, BlueCat Networks and Infoblox and other fellow DNS Firewall (RPZ) technology and policy providers to network operators who keep their DNS services on-premise or in-perimeter, as well as several Protective DNS providers including DNSFilter and Heimdal Security who offer DNS Firewall services in the cloud for network operators who prefer to outsource.

Case Studies

SUNBURST: Mapping Malicious Activity Using Farsight Historical Passive DNS

By studying the investigation into the SUNBURST attack, this case study demonstrates how cyber analysts can easily and quickly examine and visualize the scale of a malware attack— whether during or after the incident—using Farsight DNSDB passive DNS data and Maltego.


Brand Protection During a Global Pandemic

To understand the entire brand infringement threat, brands need a comprehensive approach that goes beyond just monitoring.

Additional Resources


Farsight Corporate Overview


Farsight Protective DNS Overview