Headline
Introducing Malwarebytes DNS Filtering module: How to block sites and create policy rules
Malwarebytes DNS Filtering is a new module that helps block access to malicious websites and limit threats introduced by suspicious content. The post Introducing Malwarebytes DNS Filtering module: How to block sites and create policy rules appeared first on Malwarebytes Labs.
We’re happy to announce Malwarebytes DNS Filtering, a new module for the Nebula platform which helps block access to malicious websites and limit threats introduced by suspicious content.
But how exactly does it work, you ask?
In this post, we give a basic walkthrough of the module, starting off with how to create DNS filtering rules. We’ll then show you how to set exclusions to rules and filter by certain categories, as well as how to monitor and delete the rules that you create.
Let’s get into it!
Table of Contents
- Part 1: Accessing the module
- Part 2: Creating rules
- 2.1: Setting rule exclusions
- 2.2: Naming rules and setting policies
- 2.3: Filtering categories
- 2.4: Allowing and blocking domains
- Part 3: Monitoring
Part 1: Accessing the module
Once you add DNS filtering to your Nebula subscription, you can access the DNS filtering page on the left hand navigation.
****Part 2: Creating rules****
First, let’s take a look at the Rules tab.
****2.1: Setting rule exclusions****
Start by adding global exclusions. Add your private and local domains here to prevent them from being blocked by any DNS filtering rules you create.
****2.2: Naming rules and setting policies****
Give this DNS rule a name and then select the policies you want to include.
****2.3: Filtering categories****
By default, Use preconfigured settings is enabled for Categories.
For further customization click on the arrow to expand the categories. Each security category has an additional description and details.
Under Content categories, you can expand each one for a more granular level of customization.
****2.4: Allowing and blocking domains****
Under allow lists you can add domains to exclude from this DNS rule. For now we’ll leave it blank.
You can also add domains to block certain domains. Remember that while allowing or blocking the domain will include the subdomains, allowing or blocking subdomain will not include the full domain.
****Part 3: Monitoring****
Now all the endpoints under the selected policies will follow this new DNS rule. Back on the Rules tab, you can disable and enable and also clone and delete rules.
On the Activity page, you can monitor and export data based on the rules you create.
And at the bottom, there’s a table where you can review each individual block and allow. Just like you can already do in Nebula, you can use column filter filters to create group level filters.
Elevate threat prevention for safer web browsing today
Malwarebytes DNS Filtering module makes it easy to block websites and content, helping you align internet access with your organization’s cybersecurity and any published “acceptable use” policies.