iboss cloud DNS Protection for BYOD and Guest Network Protection
Cloud DNS protection can easily be used to secure branch office locations without touching endpoints or re-configuring devices. The DNS settings of the network are changed to point to iboss cloud. When the iboss cloud receives a DNS query from the network, the query is run through the malware security stack to determine if the destination is malicious or the request represents malware command and control center traffic which indicates an infection.
The use of DNS protection is powerful for BYOD networks where guests are able to leverage Wifi provided by the organization but the devices being used are not owned by the organization. Because the devices will automatically use the network-provided DNS settings, any query made by the BYOD device will be forwarded to iboss cloud for protection.
The iboss cloud includes support for DNS-based protection in the cloud. This allows administrators to configure guest and BYOD networks to point to iboss cloud to extend web filtering and malware protection to devices not owned by the organization. Since the DNS settings of the BYOD network points to the iboss cloud, it will distribute the protection to any device connected to the network. The configuration is painless and requires no configuration on the devices connected to the network. The settings are automatically transferred via DHCP to the devices attached to guest network.
Web filtering policies can be applied to prevent risky Internet access for any device on the guest network. Malware protection automatically extends to any device connected to the network as well. Since DNS queries are directed to iboss cloud, the queries are automatically run through threat feeds and through policy engines. If violations occur, the user is presented with a customizable page indicating access was restricted.
For each network configured for protection by iboss cloud, a unique default policy can be applied. This allows flexibility for different types of Wifi guest networks or offices. The guest or office network is mapped to the unique policy via its source IP and that policy is fully customizable by the network admin. This includes web filtering and malware controls.