The Advanced DNS Resolver service enhances your DNS security posture by providing cloud-based DNS resolution and inspection capabilities. This service allows you to forward your internet-bound DNS requests to a secure resolver managed by Palo Alto Networks, offering both domain-to-IP resolution and protection against DNS-based threats based on the Advanced DNS Security cloud service.

Along with DNS request inspection that protects from standard DNS threats, the resolver also offers real-time DNS response inspection to detect and prevent advanced threats such as DNS hijacking and DNS configuration vulnerabilities. Additionally, it can identify compromised DNS provider accounts, man-in-the-middle attacks, and potential exploitation of NXDOMAINs. These features help safeguard your organization against sophisticated DNS-based attacks and misconfigurations that could lead to security breaches.

The ADNS Resolver supports multiple protocols including DNS over UDP, and TCP, ensuring compatibility with various network configurations. It also provides granular policy controls, allowing you to apply detailed security rules based on network security requirements. The service includes comprehensive logging capabilities, adhering to federal mandates for DNS logging, and offers detailed visibility and reporting features.

The ADNS Resolver is designed to be highly available and low-latency, with support for multiple protocols including DNS over UDP, and TCP. It offers comprehensive logging using the Strata Cloud Manager log viewer and Activity Insights for incident response. By using this service, you can enhance your DNS security, simplify your security infrastructure, and gain better visibility into your DNS traffic, all while maintaining compliance with data residency requirements and security mandates.