“The Cybersecurity and Infrastructure Security Agency wants to limit ransomeware, phishing, botnet and malware threats to civilian agencies by rolling out a new Domain Name System (DNS) resolver service, with a plan to eventually provide it governmentwide.”
“As the DNS translates websites’ people-friendly domain names into the numerical IP addresses that computers use, resolver technology rides along to allow or block access to sites. Millions of federal employees visit nongovernmental websites each day, and the CISA technology is intended to improve their protection from malicious infrastructure capable of launching cyberattacks.”
“’Operated defensively, protective DNS can protect agencies and their users from attacks and ensure online systems are resilient,’ said a CISA spokesperson. ‘The service will also afford CISA insight into active cyber threats for analysis and future protection of the federal enterprise.’”
“The new resolver will fill in some significant gaps. Most agencies are already legally required to use CISA‘s EINSTEIN 3 Accelerated (E3A) resolver, but it doesn’t support direct use by mobile devices and cloud infrastructure or encrypted DNS resolution protocols. Some agencies bypass CISA’s protections as a result, so the General Services Administration issued a request for information from potential providers of a new resolver.” Read the full article here.
Source: CISA looks to offer a new DNS resolver to civilian agencies and beyond – By Dave Nyczepir, June 1, 2020. FedScoop.