Introducing the Verisign DNS Firewall

Defending against cyber threats is not only critical, but increasingly difficult and expensive. Just a quick glance at today’s news headlines and it is clear that these threats present numerous challenges to Internet users and the organizations that both serve and employ them. For example, in 2014, McAfee Labs observed a 75 percent year-over-year increase in new malware equating to 387 new threats per minute.  Further, the Ponemon Institute estimates the average data breach costs large organizations $3.8 million per event.

Most solutions either require extensive investment or do not meet an organization’s constantly evolving needs. Traditional, appliance-based security solutions can require organizations to shell out considerable amounts of money, both in up-front capital expenditure and in on-going maintenance fees. Conversely, many managed cloud-based offerings do not provide the critical capability to customize the solution based on an organization’s specific business environment and security needs. Finally, do-it-yourself (DIY) open-source solutions suffer from constant patching and maintenance problems.

Enter the Verisign DNS Firewall, an easy-to-configure, cost effective managed cloud-based service that offers robust protection from unwanted content, malware and advanced persistent threats (APTs), delivered with the ability to customize filtering to suit an organization’s unique needs.

For organizations that do not have an existing security solution, the Verisign DNS Firewall provides a service that secures your traffic navigation without the significant cost burden associated with hardware implementations. For organizations that already have existing security solutions, Verisign DNS Firewall provides “defense in depth” as an added layer of security that can augment existing traffic navigation and threat management capabilities.

A few of the specific benefits of Verisign DNS Firewall include:

Proven Advanced Threat Detection: Employs real-time feeds from multiple sources to enhance overall threat coverage:

  • Utilizes Verisign’s award-winning iDefense® Security Intelligence Service feeds for in-depth country-specific and regional threats.
  • Verisign’s patented bot-net detection algorithm feeds that predicts a variety of potential threats.
  • Enhances an organization’s ability to protect from threats through the addition of threat indicator feeds from various third party sources.

Fully Customizable Filtering: Includes a variety of out-of-the-box content filters, including the ability to define customized white and black lists to tailor traffic navigation with a greater level of precision.

Increased Security Options: Enables organizations to identify affected devices inside the network border, increasing the level of service precision, without the need for individualized client installs.

Easy Implementation: Requires only an update of the recursive DNS settings to get started.

Verisign’s DNS Firewall has a place in any network security strategy, no matter the level of maturity. Regardless of size and scale, Verisign DNS Firewall can provide a baseline of protection that can be applied consistently across an organization’s footprint.

For more information, visit or contact


Michael Kaczmarek

Vice President, Product and Marketing Michael Kaczmarek heads product management and marketing for Verisign’s Security Services product suite. He is responsible for developing the vision, strategies, and tactics for the successful launch and expansion of products into new and existing markets. Michael has been with Verisign for more than 16 years and has served in various capacities including director of... Read More →