Switch DNS Firewall

Enhance your organisation's security with the Switch DNS Firewall: Our firewall utilises the technology of Domain Name Service Response Policy Zones (DNS RPZ) to modify specific DNS information. Through this modification, alternative responses to DNS queries for domains with malicious content can be generated. This effectively protects all devices before a connection to potentially harmful systems is established.

Prevention

By blocking access to infected websites, infections can be prevented at their source.

Detection

Thanks to our mandate as a .CH domain registry, Switch is able to reliably identify already infected domains and systems. As a DNS firewall customer, you benefit from our expertise and are promptly informed about infected systems in your organisation through security reports.

Awareness

When access is attempted to a malicious domain, users are redirected to a secure landing page. This not only contributes to improving IT security but also enhances general awareness of the dangers on the internet.

Functionality

The following graphics show the functionality of DNS RPZ and the Switch DNS Firewall:

Specialised in Threat Analysis, Detection, and Incident Response

Thanks to our long-standing expertise as a national Computer Emergency Response Team (CERT), Switch customers benefit from unique security analyses. With centralised evaluation as a .CH Registry and other national and international information sources, the Switch DNS Firewall has an up-to-date and reliable database on internet threats.

Switch DNS Firewall Modules

The following modules can be freely combined:

RPZ Feed: Harmful or infected domains identified by Switch are sent in aggregate to your organisation's DNS system. This allows it to recognise and block threatening domains. Switch RPZs are not tied to any specific provider and are supported by all common DNS appliances and server software.
Landing Page: Malicious requests are redirected to a specific landing page. This provides end users with information about blocked access attempts. In addition to HTTP/HTTPS, other protocols and their respective ports are also covered to fully inform users.
Notification of Infected Systems: As a customer, we promptly inform you of attempted accesses to infected systems through security reports. The reports are based on the DNS-RPZ log data sent from your organisation to Switch. This gives you a comprehensive overview of the current threat landscape within your organisation.
With our redundant system architecture, we guarantee high system availability. Thanks to anycast implementation, latency is also minimised.

Our team is ready to support you with extensive expertise in finding the right solution and integrating the DNS Firewall.

Testimonials

«The Switch DNS Firewall is a smart and straightforward solution that provides an effective complement to security solutions already in place at our organisation. The landing page clearly explains the reason for a blocked access to the user, which alleviates confusion. We’ve used it since July 2017 here at EPFL and are completely satisfied with it.»
Patrick Saladino
Head of Operational IT Security, École polytechnique fédérale de Lausanne, 16,000 users

« CERN is using the Switch DNS Firewall since Q4 2015 for pro-actively preventing our user community accessing malicious domain names and phishing websites. Using the Switch DNS Firewall, unfortunate users are redirected to an internal webpage informing them about the risks of browsing the WWW. So far, we have made great experience with it, also thanks to the quick response of Switch to our queries and input, and observed no false positives nor mayor issues.»
Stefan Lüders
Computer Security Officer, CERN, The European Organisation for Nuclear Research, 3,000 users

«The University of Bern has been using the Switch DNS Firewall from Switch since 2015. It is very easy to integrate into an existing environment. It is low-maintenance and very effective at preventing phishing and malware. As soon as a university user tries to access a malicious website, the Switch DNS Firewall returns an alternative response in the form of a secure landing page with an explanation of the potential threat posed by the page the user was trying to access. Switch's DNS RPZ feed is extremely helpful and focuses on threats to Swiss organisations. »
Thushjandan Ponnudurai
Network Security Engineer, University of Bern, 21,000 users

«Jisc has worked and collaborated closely with Switch for over 5 years, helping shape and support Jisc’s Janet Network Resolver Service, a protective DNS service which supports over 300 Higher and Further Education organisations in the UK, representing over 2.7 million users. Switch's DNS Firewall data feeds have proved an effective tool in trying to prevent common attack vectors such as phishing and ransomware aimed at the UK education community. We look forward to continuing our close partnership with Switch in tackling a common threat.»
Andrew Davis
Jisc, Infrastructure and Critical Services Manager (Cyber security)