DNS Firewall : Response Policy Zone

  • Home
  • DNS Firewall : Response Policy Zone

What is DNS RPZ?

Filter and block known bad domains at the DNS level.

Threat Intelligence on known malicious sites (malware, ransomware, bots, etc) is packaged into Data Zones that are consumed by a DNS resolver to block access to known malicious sources on the internet. Fast, timely updates (every 1 minute) enable an advanced layer of protection for all users, all applications, and all protocols.

A highly-effective and critical choke point against ongoing attacks such as ransomware, and malware, RPZ blocks both incoming and outgoing malicious sources from entering a network.

Turn your DNS Caching Resolver into a tool to help protect your network from malware, ransomware, phishing.

  • Critical Choke Point – Any user, Any protocol, any Application using the Internet will use DNS.  
  • Stop connections to known bad domains on the Internet.  Period.
  • Elegant way to deploy dynamic threat intelligence
  • Customizable and granular zones 
  • Highly dynamic.

How does DNS RPZ Work?

Filter and block known bad domains at the DNS level.

RPZ implements real-time threat intelligence domain data at the DNS level. DNS resolvers utilize RPZ data to protect users trying to visit known bad domains. 

  1. User submits a request to the DNS Resolver.  
  2. DNS Resolver queries the Response Policy Zone feeds to assess if the domain or related IP address is a known malicious threat. 
  3. If domain being queried is malicious, the DNS Resolver will be re-directed to stop the user from accessing the bad domain. Blocked domains will be re-directed to “NXDOMAIN” or a defined modified value.
    • If the domain is not listed in the RPZ feeds, then DNS request will resolve


Available From:



Start your free trial.

Design the best set of data feeds to meet your needs!


Experience improved cybersecurity and stop phishing emails, ransomware, malware, and other cyber threats. Sign up for your free consultation and receive an in-depth technical deep dive and a 30-day free trial.