WOOF! Newsletter

April 10, 2024

DNS Filtering: How to Block Online Threats Before They Reach Your Users

Is it possible to keep threats & malware out of your network entirely? It is, if you deploy DNS filtering as one of your tools.

Keeping teams secure while they work online is a never-ending task.

Keeping them secure with disruptive security tools? Doubly frustrating. They aggravate users (understandably so!) and hurt everyone’s productivity.

What if a threat protection method existed that got OUT of a team’s way? Something that worked 24/7 to prevent threats before they ever got into your network...and did it with little direct impact on end users.

It does exist. It’s called DNS Filtering.


What is DNS Filtering?

It’s software that deploys a threat filter at the DNS level.

What’s that? ‘DNS level’ is the very beginning of any internet connection. If your company network is a collection of roads, DNS is the very first sign saying, “Go This Way.”

It’s constantly there, in the background. Which makes it a great place to block online threats. Filtering turns DNS into a gatekeeper, an invisible guardian working to keep threats from finding you.


DNS Filtering Dashboard


What DNS Filtering Does, and What it Blocks

A DNS filter protects against threats...before anyone on the team sees them!

Any web traffic that arrives at the DNS level gets a check. If it detects potentially dangerous code attributes, then it’s blocked.

How does the filter tell what’s OK and what’s dangerous? It learns over time.

When first activated, a DNS filter contains basic categories for “good” and “bad” domains. Every day it analyzes more domains, adding to its knowledge, getting better at its job. (You can also whitelist & blacklist specific domains.)

Once in place, it protects all devices you want it to, even when they’re remote.

What does DNS filtering protect against?

  • Zero-day threats
  • Malicious domains
  • Network ‘poisoning’ attacks
  • Risky apps
  • Uninvited Wi-Fi guests
  • Password theft
  • Inappropriate content
  • Social media time-wasting
  • Ads and trackers

You can extend this model to control for other things too. For example, you can put “content filtering” in place. A content filter blocks non-work sites & services.

Social media is a perfect example. Team spending too much time on Instagram? Content filter says no more Instagram (except for the marketing team who posts there!).

Other examples include adult content, gambling, and online games. Not only are they non-work, but these sites often contain malware.

NOTE: While DNS filters work well at blocking, they're not designed to remediate malware that's already inside the network. Always use more than one cybersecurity tool to protect your users. For instance, DNS filtering works well with active threat defense systems, like SentinelOne.


Who Would Get the Most Benefit from DNS Filtering?

We could say “Everyone!” but that’s too simplistic. Who would derive the most benefit from DNS filtering? Not just any benefit, but the most benefit possible.

In our experience, three groups would:

  • Companies with remote teams
  • Companies who’ve suffered any form of cyberattack
  • Companies losing productive time to non-work websites

Is that everyone? Not quite. But one (or more) of these might sound familiar...


Breathe Easier with DNS Filtering in the Background

If you’ve ever had to deal with frustrating, disruptive cybersecurity tools, DNS filtering is worth a look.

It takes an “invisible guardian” approach. Protecting your users as much as it can, while minimizing any disruptions to their daily work.

PlanetMagpie installs and recommends N-Able’s DNSFilter software for DNS filtering. DNSFilter earned the #1 DNS Filtering Product rating from Capterra, G2, and Cybersecurity Breakthrough.

Curious? Ask your questions at .  

Would DNS filtering work for your company? Ask for a demo at .  


Jake Horstmann, IT Support Team Lead