By Gabriel Castro, Systems Engineer
OpenDNS Umbrella is a new platform we are deploying to all of our TotalCare clients as an added layer of protection. In order to understand how OpenDNS protects your network and users, we must first do a quick DNS 101 – Spark Notes edition.
The world wide web is made up of many thousands of servers. Many companies host websites and other data applications that serve information to people and devices that request it. In this example, if I wanted to go to CNN.com, I am asking my computer to retrieve data (text, images, video, etc.) that is located on one of many web servers and bring it back to me. The question is, how does your computer know which one server it should go talk to for CNN data?
Domain Name System (DNS) is a system that translates your easy-to-remember URL, like CNN.com, into an IP address. IP addresses are like home addresses. Point to a specific one, for example 22.214.171.124, and you will reach a server somewhere (in this case, CNN’s web server). Like we said before, this is the spark notes edition so we are skipping a lot of little technical details. Back to DNS, 126.96.36.199 is CNN’s web server but imagine having to remember that complex number every time you wanted to read the news. After a couple of days, I’m sure you’d remember it but what about remembering every IP address of every website you want to visit? That is clearly too much to remember, which is why DNS was born.
The Domain Name System is a system of domains (e.g. redcross.org, cnn.com, aol.net) that take the place of IP addresses. Your data is still pointed to an IP address, but DNS takes your easy-to-remember word URL and asks its resources what IP address will get you what you want. It is very similar to using an address to look up a phone number. Once DNS has found the right IP address of the site or resource you are looking for, it hands it to your device or computer so that it can make that same request all over again directly to the right place. It all happens very fast behind the scenes and luckily, we don’t have to think about it.
DNS is a great tool and it helps us ask for and receive information efficiently. It can also be used as weapon by people who want to cause digital damage to others. For example, when you type in a URL that is clearly an accident (e.g. cnnn.com), hackers who have purchased that domain will redirect your browser/computer to an IP address that belongs to their own web servers. At this point they can start delivering malware and other harmful data to your computer. This can sometimes be annoying pop-ups that try to get you to click on bad links or make fraudulent purchases.
With a growing number of threats, hacks, and attacks on information systems, everyone is more vulnerable to data theft and ransomware. At SWAT Systems, we are constantly looking for ways to improve our client’s networks which is why we have added OpenDNS Umbrella to our list of proactive protection. The OpenDNS Umbrella tool sits on your network and scans every DNS request before it is translated into an IP address. If it detects that there is a request for a site or server that is known to deliver malware or phishing tactics, it will block the request before your computer gets a chance to ask it for anything else. OpenDNS processes an average of 60 billion DNS requests everyday through their 24 data centers worldwide. They are constantly collecting anonymous data that helps them put together an ultimate “do not allow” list of known malware locations. Their robust DNS analytics allow them to quickly protect networks against new malware servers the moment one of their datacenters detects it. On top of that, they are now a part of Cisco which joins two network giants under one roof.
While OpenDNS does have the capabilities of filtering many categories of web content (e.g. gambling, illegal drugs, pornography, social media, etc.), our main goal is to deploy it on your network so that it blocks any requests that are deemed a security risk for your data. We highly recommend you implement it on your network as an extra layer of security for your servers, workstations and employees. While there is no one tool that can guarantee 100% protection from malware or hackers, OpenDNS is an easy step you can take to greatly strengthen your company’s security. Plus, our TotalCare clients receive it at no cost, which includes installation, configuration, and ongoing maintenance. Email or call your account manager today if you are interested in getting this tool deployed on your network.