Helps protect confidentiality and integrity of traffic in the first mile
CPE (customer premise equipment) manufacturers, along with solution providers, can now offer improved security and encrypted DNS functionality on routers for the first time, with the launch of DNSdist 1.8 from PowerDNS.
The development of a ‘router-ready’ version of DNSdist is the next step in supporting the adoption of encrypted DNS. Now that encrypted DNS is adopted by many ISPs, as well as browser and device manufacturers, DNSdist also brings DNS encryption with DNS over TLS (DoT) and DNS over HTTPS (DoH) to routers. This enables CPE-based security solutions to deal with encrypted DNS traffic, whilst helping protect the confidentiality and integrity of traffic in the ‘first mile’ of internet access. It also provides additional capabilities such as scripting, rate-limiting, and caching, in addition to adding DNS-based security filtering on the router, much closer to the end-user.
For end-users, this protects the initial gateway into their home or office network and helps safeguard all of their devices that connect to it, including Internet of Things (IoT) devices, and adds an extra level of security.
In addition to DNSdist 1.8 making efficient use of the resources within the ‘lower-spec’ devices that ISPs typically provide as routers, it is now available for the open-source router-designated operating system OpenWrt. This means DNSdist can now run on hardware with even the most limited RAM, storage, and CPU footprint.
Bob Brandt, VP Engineering at PowerDNS, said: “Making DNSdist ‘router-ready’ was no small feat – as most routers have very limited CPU-power and RAM available – and we’re excited about the possibilities it opens up. We firmly believe that DNSdist will become an invaluable tool to have on routers, which will also help further drive the adoption of encrypted DNS and help deliver a safer internet experience for consumers.”
For further information about PowerDNS DNSdist 1.8, download the latest brochure.
