PowerDNS Add-ons

For various enhancements

Infrastructure Malware Protection

On top of PowerDNS Recursor, the Infrastructure Malware Protection add-on equips recursive solutions with system-wide DNS-based filtering. This provides protection against malware, phishing, and other malicious attacks for all subscribers. It also provides a convenient way for Internet Service Providers to ensure they protect their customers by blocking malicious DNS requests.
On a more granular level, per subscriber control options or per device filtering settings can be achieved by using PowerDNS Protect, instead of Infrastructure Malware Protection.

Threat Intelligence and Content Categorization

PowerDNS Recursor comes with out-of-the-box support for all major threat intelligence and content categorization providers. Various feeds are available for customers to choose from. These feeds provide block- and allow-lists to enable DNS-based filtering and blocking of malicious traffic for the Infrastructure Malware Protection add-on, as well as for PowerDNS Protect.


dstore routes and filters protobuf messages to various destinations (like Kafka) to log of DNS requests on a datastore. This helps with storing DNS events (queries, responses, latency and records) for further investigation of DNS related problems and gives insight in blocking of specific requests. Using its component dstore-dist, dstore can send protobuf messages to different destinations and acts as a distributor of the protobuf messages that are generated by PowerDNS Recursor and DNSdist. dstore-dist comes with a set of destinations, which indicate all the possible destinations for a message. It is also configured with a set of routes; each route can send messages to one or more destinations and can be configured to perform filtering on the messages. dstore-dist is configured using a YAML-based configuration file. dstore-dist can perform sampling and reports Top N domains to provide an overview of most-requested domains.


ZoneControl is the graphical web-based interface for managing domains. It provides all the features necessary to manage a large number of domains. In addition, it provides “one-click” DNSSEC. It allows role-based access so specific people or departments can manage specific domains. ZoneControl also includes version and history management to smoothly reverse changes. Reports and stats let you keep track of trends and provide a simple way to analyze your authoritative performance.

Contact us to learn more about our products.

Contact Us