DHS CISA to provide DoH and DoT servers for government use

silversurfer

Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Well-known
Aug 17, 2014
10,048
The US Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA) announced today that it intends to run DoH (DNS-over-HTTPS) and DoT (DNS-over-TLS) DNS resolution servers for official government use, however, it advises agencies to disable DoH and DoT support on employees' browsers until official CISA servers are available.

The agency issued a memorandum [PDF] today to remind government agencies of their legal requirement to use the EINSTEIN 3 Accelerated (E3A) DNS server as the primary DNS resolver for any government workstations and communications.

CISA said the E3A server comes with a sinkholing capability "which blocks access to malicious infrastructure by, in effect, overriding public DNS records that have been identified as harmful."

"The vast majority of agencies already do this, but particularly in light of increased telework, we felt it worth reiterating," the agency said in a press release.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top