[2022 Issue 10] Why browsers can be a security loophole?

zyxel_Lin Posts: 73  Zyxel Employee
First Anniversary Friend Collector
edited April 2022 in Security Highlight

Modern browsers and latest operating systems are using new encryption technologies – DNS over TLS (DoT) and DNS over HTTPS (DoH) – to combat against unauthorized DNS services. It can be a great tool for privacy protection, but it would also open up potential threats for your organizations and IT professionals. This article will show how DoH works and how Zyxel ATP firewall can help.

What is DoH?

To understand DoH, it is necessary to first understand how regular DNS works. Domain Name Server (DNS) is just like internet address book and translates each domain name into an IP address.

DNS over HTTPS (DoH) is a new protocol that encrypts domain name system traffic by passing DNS queries. The primary function is that the communication is encrypted helps to hide one’s online activities. For now, all major browsers such as Google Chrome, Microsoft Edge, Mozilla Firefox, and Opera supports DNS over HTTPS.

The way of a DNS query when DoH is enabled

DNS filtering solution is a crucial security layer for every cybersecurity vendor. DNS Threat Filter matches domain addresses with the always-up-to-date cloud reputation database and determines if an address is reputable or not. 

How DNS Threat Filter Works

However, if DNS over HTTPS queries from the clients happens, the communication is not visible. This allow employees and students to bypass network-level web filtering policies. Companies that rely on web traffic reports from DNS-based solutions also lose visibility into internal network traffic.

How Zyxel can help you to manage the clients' Internet activities

To provide precise visibility of internal network traffic, Zyxel is working to fully integrate the DNS over HTTPS (DoH) protocol with ATP series in a secure way that will help every organization to enhance cybersecurity. Once ATP firewall detects the DNS over HTTPS queries from the clients to known DoH servers, ATP will block these DNS queries to prevent users from bypassing internet restriction policies.

Benefits of DoH/DoT blocking and monitoring:

  • Prevents users from bypassing company’s web filter.
  • Retains visibility and security over all DNS traffic on your network.
  • Efficiently route DNS queries and keep overall network healthy.