What is DNS Filtering?

Understanding DNS

Every time you visit a website, your device makes a DNS (Domain Name System) request. DNS translates human-readable domain names like "example.com" into the IP addresses that computers use to communicate. Think of DNS as the internet's phone book — it maps names to numbers.

Because DNS requests happen before any connection is made, they represent the earliest possible point to block threats. If a malicious domain is blocked at the DNS level, your device never connects to it at all.

How DNS Filtering Works

DNS filtering intercepts DNS requests and checks them against databases of known threats and content categories. Here's what happens when a device on your network tries to visit a website:

• Step 1: The device sends a DNS request (e.g., "What is the IP address of example.com?").
• Step 2: Cloud Shield checks the domain against threat intelligence databases and your organization's content policies.
• Step 3: If the domain is safe and permitted, the request is resolved normally and the connection proceeds.
• Step 4: If the domain is malicious or blocked by policy, the request is denied and the user sees a block page instead.

What DNS Filtering Blocks

VeloGuardian's DNS filtering protects against a wide range of threats:

• Malware domains — Websites known to distribute malware, ransomware, or exploit kits
• Phishing sites — Fake login pages designed to steal credentials
• Command-and-control servers — Infrastructure used by botnets and advanced threats
• Newly registered domains — Freshly created domains that are disproportionately used for attacks
• Content categories — Adult content, gambling, social media, or other categories you choose to restrict

Why DNS Filtering Matters

DNS filtering is one of the most effective and least intrusive security measures you can implement:

• No software on devices — DNS filtering works at the network level. When combined with VeloGuardian's VPN, it protects every device automatically, regardless of operating system or browser.
• Blocks threats early — By stopping malicious connections before they start, DNS filtering prevents threats from ever reaching your network.
• Low performance impact — DNS lookups are tiny and fast. Filtering adds negligible latency compared to the protection it provides.
• Works everywhere — Because VeloGuardian routes all traffic through the VPN, DNS filtering protects your team whether they're in the office, at home, or traveling.

DNS Filtering in VeloGuardian

VeloGuardian's DNS filtering is built into Cloud Shield and enabled by default. Administrators can customize policies from the central management dashboard — choosing which categories to block, whitelisting specific domains, and reviewing blocked request logs.

Combined with web filtering, anti-malware, and botnet protection, DNS filtering forms the first line of defense in VeloGuardian's multi-layered security approach.

Related Resources

• What is Web Filtering?
• What is Cloud Shield?
• What is Botnet Protection?