Security Policies

Malicious domains

Enabling the option to block malicious domains will block:

• Malware
• Malware distribution points
• Ransomware
• Phishing
• Command and control domains
• Cryptocurrency mining domains

You can also choose to block DGA (Domain Generation Algorithm) and DNS Tunneling domains, which are mostly used for malicious purposes.

Important Note Before blocking DGA and DNS Tunneling domains, please monitor them as certain anti-virus and music streaming applications use DNS Tunneling for backend functionality.

Advanced DNS Security Options

There are options to block suspicious domains that are:

• Parked domains: Domains that are registered but not currently in use, often used for spam, phishing, or other malicious activities
• Newly registered domains: Domains that have been registered in the past 7 days, considered high-risk as they may be used for malicious activities
• Rebinding domains: Domains that resolve to internal domains can be used by malicious actors to carry out attacks.These could also be misconfigurations.

Important Note Many malicious actors use newly registered domains to carry out malicious activities before being detected. Rebinding domains can be a sign of malicious activity, so review and block them as appropriate.