Secure DNS Software Solution

DNS PATROL protects your network from malicious domains. Analyzes DNS traffic in real time and blocks threats before they become a problem.

DNS PATROL is designed for organizations and companies that want to protect their users and devices from cyber threats at the DNS level.

DNS PATROL is not yet available to the public.

DNS PATROL

Monitors and analyzes DNS traffic in real time and helps block malicious domains.
DNS PATROL focuses on detecting phishing, malware, and other risks at the DNS level.

Monitors and analyzes DNS traffic for better visibility and management
Blocks malicious domains and suspicious activity in real time
Protects DNS against phishing, DNS tunneling, and DGA attacks
Integrates Threat Intelligence DB from the national CSIRT.CZ team

Open source

DNS PATROL is available as open source, and users can define and create their own lists of blocked and allowed addresses. The source code is available under license GNU GPLv3.

DNS Traffic Monitoring and Overview

The system monitors DNS queries and provides clear statistics, logs, and detection for network administrators.

Secure domain translation

DNS PATROL ensures that all requests for internet domain translation are carried out securely and safely – whether within the company network or outside it.

Detection and blocking of anomalies and threats

DNS PATROL uses Threat Intelligence database to protect your organization from known and emerging threats, including phishing (including homographic attacks), DNS tunneling, and DGA attacks.

FAQ

What is a recursive DNS resolver?

A recursive DNS resolver is a server that your device (computer, mobile phone) contacts with a request to translate a domain name into an IP address. If it has the information in its cache, it returns it immediately. If not, the recursive resolver contacts other DNS servers (root and authoritative) to obtain the necessary IP address, which it then stores in its cache and passes on to your device.

What is DGA?

DGA (Domain Generation Algorithm) is a method used by attackers to generate large numbers of random domains for covert communication with malware. DNS PATROL detects and blocks these domains before they can cause any damage.

What is Phishing?

Phishing is a fraudulent attempt to obtain sensitive data, such as passwords or payment information, using fake emails, text messages, or websites. DNS PATROL can detect and block these fraudulent domains before users click on them.

What is DNS Tunneling?

DNS tunneling exploits the DNS protocol to communicate secretly with an attacker—for example, to transfer data outside the network. Common security measures often fail to detect this. DNS PATROL recognizes and blocks such attempts.