Advanced DNS Security Powered by Precision AI®
Automatically secure your DNS traffic by using Palo Alto Networks Advanced DNS Security Powered by Precision AI, a cloud-based analytics platform providing your firewall with access to DNS signatures generated using advanced predictive analysis and machine learning, with malicious domain data from a growing threat intelligence sharing community as well as domain detectors that inspect changes in DNS responses to detect various types of DNS hijacking in real-time.
What's New
| 26 March 2025 | Palo Alto Networks now provides access to two additional service regions for DNS Security and Advanced DNS Security operations, located in Tel Aviv, Israel and Seoul, South Korea. Typically, the default global service domain automatically connects you to the nearest service provider. However, if you want to override the automatically selected server, you can manually specify the server used to facilitate DNS Security and Advanced DNS Security queries. |
| 27 March 2025 | Palo Alto Networks now provides an updated DNS sinkhole service IP as part of its security infrastructure enhancements. For most users, the transition is automatic, as the default setting uses the FQDN: (sinkhole.paloaltonetworks.com). However, if you manually configured the settings to use a static Palo Alto Networks Sinkhole IP instead of the default FQDN, you must update your configurations accordingly. For more information on the sinkhole service update, refer to: LiveCommunity Blog |
| 31 January 2025 | DNS Security now provides support for Domain Masquerading detection. |
| 31 January 2025 | DNS Security now provides support for Malicious TDS detection. |
| 24 July 2024 | Threat log entries for DNS stockpiled domains analyzed by DNS Security now display the associated campaign details, context, and techniques used by attackers. This is reflected in the Threat ID/Name field for the log entry for a DNS stockpiled domain. |
| 13 May 2024 | Threat log entries for DNS tunneling domains analyzed by DNS Security, including tunneling-based APTs, now display the tunneling tools and attack campaigns associated with the domain. This is reflected in the Threat ID/Name field for the log entry for a DNS tunneling domain. |
| 02 May 2024 | The Advanced DNS Security service is a new subscription offering by Palo Alto Networks that operates new domain detectors in the Advanced DNS Security cloud that inspect changes in DNS responses to detect various types of DNS hijacking in real-time. With access to Advanced DNS Security, you can configure your firewall to detect and block DNS responses from hijacked domains and misconfigured domains. |