Skip to content

PowerDNS Infrastructure Malware Protection

  • Protection for all connected devices across the network.
  • Protection against malware and malicious domains.
  • Protection against communication from infected or compromised devices.
  • Protection against DDoS attacks targeting your network.
  • Protection with Response Policy Zone (RPZ)–based decision-making.
  • Protection based on threat intelligence from PowerDNS and trusted partners.
SECURE
ENFORCE DNS SECURITY ACROSS YOUR ENTIRE NETWORK

System-wide DNS-based Filtering

The Infrastructure Malware Protection add-on enhances PowerDNS Recursor with system-wide DNS-based filtering capabilities. It enables the blocking, redirection, or modification of DNS responses to protect users from malware, phishing, and other malicious threats. It also supports regulatory compliance requirements, such as blocking access to illegal content.

As an entry point into the PowerDNS DNS security layer, Infrastructure Malware Protection delivers reliable, network-wide protection for both users and infrastructure – without requiring individual subscriber-level configuration.

Infrastructure Malware Protection - system-wide

D015_power-dns-protect_real-time-notifications-1

 

Interested in per subscriber control or device-level filtering?

Explore PowerDNS Protect for more granular options.

infrastructure-malware-protection
BLOCK
ENFORCE DNS POLICIES WITH CURATED THREAT INTELLIGENCE

Decisions Based on Response Policy Zones (RPZ)

The Infrastructure Malware Protection add-on uses curated threat intelligence to block access to:

  • Known malicious domain names
  • Domains resolving to known malicious IP addresses
  • Domains relying on compromised or malicious name servers
  • Botnet command-and-control (C2) infrastructure

RPZ is used to enforce policies by blocking, redirecting, or modifying DNS responses in real time. The solution is powered by more than 70 threat intelligence feeds from well-known, operator-validated security vendors. Based on these inputs, the add-on applies specific DNS policies to malicious requests, such as returning NXDOMAIN responses, redirecting users to a block page, or refusing/dropping the query.

Operate deployments without touching the command line

When changes are needed – configuration updates, new zones, or restarts – you can act and restart deployments directly from the UI. There’s no need to SSH into servers or work through complex Kubernetes commands.

Single Pane of Glass lets you safely manage deployments across all accessible clusters, with full visibility into what’s happening as changes roll out.

Key benefits:

  • Restart deployments directly from the UI
  • Rolling restarts avoid downtime
  • Real-time feedback shows progress and status
  • No need to monitor kubectl or access individual clusters
  • Changes become visible almost instantly
4-Operate deployments without touching the command line

Interested in learning more about PowerDNS Infrastructure Malware Protection or receiving a quote?