Webroot™ DNS Protection
Protective filtering for security, visibility, privacy and control. Minimize risks, maximize safety and productivity on the web.

By using a protective DNS service like Webroot® DNS Protection organizations control their networks and maintain the security, privacy and visibility they need to protect IT infrastructure and users, even those working remotely.

Let our Solutions Specialist help you Today!

Webroot™ DNS Protection

Overview

Why do you need a protective DNS service?

Today’s businesses need secure, private, manageable and visible control over internet traffic.

The current domain name system (DNS) simply resolves internet requests through a global system of servers, then translates those requests into their unique Internet Protocol (IP) addresses. But this vital service was not designed with security in mind and many DNS exploits and vulnerabilities now exist.

What does a protective DNS service do?

Webroot BrightCloud® Internet Threat Intelligence to automatically block requests to undesirable, dangerous or malicious internet domains, even encrypted DNS over HTTPS (DoH) requests.

This filtering alone stops most internet threats before they can infect networks or endpoints. It helps organizations achieve the management control over their DNS connection recommended by the joint NSA and CISA Guidance on Strengthening Cyber Defense Through Protective DNS.

Webroot® DNS Protection was built for the future, supporting both IPv6 and DoH so businesses are prepared for the next generation of internet protocols and requests. This means you can protect your users at the DNS layer on modern networks like public hotspots without sacrificing security, privacy, visibility or admin control.

Key Features

How Webroot’s DNS Protection service is different?

Skip the hardware and software
This fully cloud-based, secure, resilient and reliable DNS service takes just minutes to set up and start protecting your connection, network and users from cyberattacks.

Get detailed, on-demand reporting
Use reports to drill down into threats blocked by Webroot® DNS Protection and achieve full visibility over internet threats and risky web usage.

Enable policies by Group, Device or IP
Control internet use for users using pre-configured and custom policies by group, device or network – like guest WiFi.

Apply timely, accurate and reliable web classifications
Webroot® BrightCloud Threat Intelligence forms the backbone of our service. Its accuracy, timeliness and reliability is trusted by over 130 of the world’s leading technology vendors.

Block threats at the domain level
Over 80 URL categories plus Google SafeSearch give you granular, policy-based control to automatically block dangerous and questionable site categories (Adult, Gambling, etc.) and unwanted sites like streaming media.

Reduce infection cleanup costs
DNS filtering stops up to 88% of undesirable internet traffic the domain layer, so it never reaches your network. This saves you time, money and minimizes support costs.

Dive Deeper into DNS Protection

Roaming and VPN Users

Secure your mobile workforce without interfering with the VPNs, firewalls and security tools you already use.

WiFi Hotspots

Secure WiFi hotspots with DNS protection for guest WiFi to keep guests, customers and reputations safe.

Other Resources

Webroot® DNS Protection and NSA/CISA PDNS service attributes

The NSA and CISA advisory recommends the following attributes of a protective DNS service:

Attributes	Webroot Supported	Method
Blocks malware domains	Yes	Using Webroot BrightCloud® Threat Intelligence
Blocks phishing domains	Yes	Using Webroot BrightCloud® Threat Intelligence
Malware Domain Generation Algorithm (DGA) protection	Yes	Using Webroot BrightCloud® Threat Intelligence
Leverages machine learning or other heuristics to augment threat feeds	Yes	Uses the Webroot ML/AI platform established in 2007
Content filtering	Yes	Uses up to 80 URL categories, plus Google SafeSearch
Supports API access for SIEM integration or custom analytics	Yes	Several options for ensuring full logging and visibility of requests with ingestion into SIEM, XDR, MDR, etc.
Web interface dashboard	Yes	Webroot's new UI/UX makes policy management, reporting and dashboard stats always available
Validates DNSSEC	Yes	Webroot uses DNSSEC
DoH/DoT capable	Yes	DoH is uniquely supported natively and is also GDPR compliant where necessary.
Enables customizable policies by group, device or network	Yes	Comprehensive management controls exist and coverage of both the network and guest WiFi requests
Deploys across hybrid architectures	Yes	Supports hybrid architectures

From offering expert advice to solving complex problems, We are with you every step of the way through the buying process. We've got you covered.

With over 20 years of experience, Our Solutions Specialists are genuinely interested in your needs and can help you today!

Webroot™ DNS Protection Protective filtering for security, visibility, privacy and control. Minimize risks, maximize safety and productivity on the web.