DNS Protection and SSL/TLS Inspection

  • 23 April 2021
  • 4 replies

Userlevel 5
Badge +4

For home-based teleworkers (in particular) who do not have a hardware firewall doing SSL/TLS Deep Packet Inspection, does Webroot DNS Protection mitigate most of the threats that TLS Inspection would likely catch?  


Best answer by dstokes1 26 April 2021, 21:43

View original

4 replies

Userlevel 7
Badge +20

Hey there David,

I’m going to ping one of our business product specialists to see if he has an answer for your question

@dstokes1 - Does Webroot DNS offer this kind of protection?

@gru_dyates The short answer would be YES for our Business product, but there is a lot more information at the following page and it is worth reading about how our DNS Agent works: DNS Web Filtering with Cloud Based Protection | Webroot

Userlevel 5
Badge +4

Thanks for the response!  I had assumed that Webroot DNS protection would mitigate most of the types of things that would be filtered by Deep Packet Inspection, as the sites dishing out the questionable material would be blocked.  All things being roughly equal, I much prefer blocking by originator than going through the packet inspection process. It feels inherently safer and more comprehensive, also.

@gru_dyates  The other benefit with our DNS Agent is the entire “discussion” from our agent to our DNS resolvers is encrypted during the look-up and response, so not only is it secure, it features privacy, as well. DoH (DNS over HTTPS) at the agent level, so browser, applications, any computer related DNS activity is fully protected. More information on DoH can be found in that link from my previous post, too.