Millions of users, M2M updates & IoT devices rely on the Domain Name System (DNS) to connect automatically to websites and domains. Use RPZ as a DNS firewall so you don’t run the risk of connecting to domains that are used to install malware, ransomware, botnets.
Response Policy Zones (RPZ) threat intelligence provides protection against malicious domains used to install botnets, ransomware and other malware.Start your free trial
Deteque researchers and automated systems gather information from across the internet to identify actively malicious domains, low reputation domains before they become active and compromised IP addresses.
The data sets of poor reputation domains and IP addresses is the cyber threat intelligence you need to provide your network with protection against botnets, ransomware and domain based security threats.
Online fraud, disruption and exploitation take many forms so Deteque Zones are always evolving to take into account new types of threats and new ways cyber criminals abuse the DNS process.Download the datasheet
Without RPZ, a client queries a local DNS resolver. If the IP address for that domain is not included in its cache, it will query in turn an external root server, the Top Level Domain server and the domain server itself to get access to the site. The process will return both legitimate and malicious sites.
When a client initiates a query on an RPZ enabled nameserver, each step of the recursive DNS process is analyzed to identify bad domains, addresses and nameservers. If RPZ identifies a security risk then the DNS server returns a ‘does not exist’ type answer to prevent access.Download the factsheet
Concerned that your network might be compromised by connections to malicious or low reputation domains and websites? Need to choke botnets that might be on your network? Then RPZ Threat Intelligence is for you. Cyber criminals are actively trying to trick users into inadvertent connections so use RPZ to ensure your DNS security.
RPZ is such a powerful tool we want you to experience it for free. The DROP (Do not Route Or Peer) Zone protects you from the ‘worst of the worst’ - IP ranges known to have been hijacked by professional spammers and cyber criminals, or have been directly allocated to criminal organizations by a regional internet registry. It also includes a list of IP ranges that cyber criminals have leased from ISPs.
We have made this Zone available as a no-cost public service to direct users of the data. See the positive impact RPZ from Spamhaus can have protecting you, your networks and your users.
To receive RPZ you will need to set up your local recursive resolver. For use with the popular BIND software, download the Set Up Guide.