Just like a physical network, everything in your Azure environment that can talk to the Internet can also use DNS, and DNS is used in more than 92% of today's attacks. Adding effective DNS security to physical, cloud and hybrid networks is critical, and doesn't have to be complex or expensive.

See how ThreatSTOP works in this overview video

ThreatSTOP protects Azure workloads by blocking data theft over DNS and preventing communication with verified malicious domains and IP addresses they resolve to. Using real-time threat intelligence, ThreatSTOP's protection evolves with the threat landscape to stay ahead of new and emerging threats. Unlike solutions limited to detection and alerting, ThreatSTOP's automated enforcement puts a proactive end to DNS threats.

ThreatSTOP DNS Firewall for Azure empowers you to quickly and easily define and customize DNS security policies to protect Azure workloads, including custom lists of IPs and domains. Enforcement is performed by one or more BIND DNS virtual servers deployed as part of this solution to your Azure environment. Customers can review web-based reports to see blocked threats and identify the resources attempting unsafe DNS requests.

Highlights

• Configure custom policies that match your security posture
• Add and manage custom lists of domains and IPs
• Granular control over enforcement actions
• Real-time reports identify threats blocked and the hosts/resources involved
• Virtual DNS servers can be configured to accept DNS requests from your Azure environment and from endpoints outside of Azure
• Virtual DNS servers can be configured as forwarders or resolvers
• Optional premium threat intelligence sources, API services, and SIEM integrations available

ThreatSTOP’s DNS Firewall makes securing the DNS infrastructure of your Azure cloud or hybrid deployment easy and affordable. Sign up to try the fully featured solution for 30 days.