The Cybersecurity and Infrastructure Security Agency (CISA) announced this week that its Protective Domain Name System (DNS) – the agency’s latest shared service offering – is available to all Federal civilian agencies to enhance their cyber defenses.
Following a successful test run with a few agencies, CISA is now onboarding agencies into the service, which has “modernized capabilities to detect and prevent threats in internet traffic and raise our collective cyber defense,” according to a Sept. 27 CISA blog post. The offering was made possible by CISA’s Cybersecurity Shared Services Office.
“Protective DNS shields Federal users and organizations from reaching known or suspected malicious destinations with a cutting-edge capability that safeguards network connections,” Eric Goldstein, executive assistant director for cybersecurity at CISA, wrote in the blog. “It also empowers FCEB [Federal Civilian Executive Branch] agencies with better visibility into their own internet traffic, providing real-time logs, reports, and other insights into an ever-evolving cyber threat landscape.”
Goldstein said CISA gathered input from DNS experts and through months of beta testing with partner agencies to develop Protective DNS and determine “specific system requirements.”
Incorporating that feedback, Protective DNS offers the following features:
- “Expanded Coverage. Traditional on-premises networks, cloud-based assets, as well as roaming and mobile devices are protected, regardless of their location.
- Enhanced Threat Intelligence. Commercial threat intelligence feeds provide greater comprehensive threat detection and prevention.
- Real-Time Alerts. The service’s application programming interface increases early response capabilities by way of rapid threat notifications.
- Increased Visibility and Accessibility. Agencies benefit from access to threat trends and full DNS traffic logs, shining a light on common threats.
- Zero-Trust Alignment. The latest and greatest cybersecurity principles ensure full protection, no matter how and where agency devices connect.”
CISA said FCEB agencies can contact the CISA’s Cybersecurity Shared Services Office at CyberSharedServices@cisa.dhs.gov. The agency encouraged all other organizations to visit its Cyber Resource Hub for additional available services.