HomeWinBuzzer NewsMicrosoft Elevates Windows Security with Zero Trust DNS Feature

Microsoft Elevates Windows Security with Zero Trust DNS Feature

Microsoft's new Zero Trust DNS restricts business PCs to approved networks, boosting security and offering a way to avoid compromising encryption.

-

has unveiled its latest security update, Zero Trust DNS, aimed at bolstering network security for business users. This development is part of Microsoft's broader commitment to prioritize security enhancements across its product range. Zero Trust DNS, currently in a private preview, is designed to ensure that PCs within a business network connect only to verified and approved networks.

Understanding Zero Trust DNS

Zero Trust DNS operates by leveraging the capabilities of the Windows DNS client and the Windows Filtering Platform (WFP). With this feature activated, Windows will restrict all outbound IPv4 and IPv6 traffic, permitting only connections to designated Protective DNS servers along with the necessary DHCP, DHCPv6, and NDP traffic for identifying network connectivity details. This approach is intended to block any network traffic linked to unverified domain names, thereby nullifying the risk posed by hard-coded IP addresses or unauthorized encrypted DNS servers. Microsoft emphasizes that this strategy allows businesses to avoid TLS termination, maintaining the security advantages of end-to-end encryption.

The Path Forward for Zero Trust DNS

While Zero Trust DNS is still in the testing phase, Microsoft plans to extend its availability to members of the Windows Insider Program in the future, providing a broader base of users the opportunity to evaluate its effectiveness. Business administrators interested in understanding how Zero Trust DNS could impact their network security and application performance are encouraged to consult the detailed blog post provided by Microsoft. This post offers insights into how the feature could influence the functionality of specific apps and services within a secure network environment.

By adopting a Zero Trust model, which mandates strict verification for every network request, Microsoft aims to provide businesses with a robust framework to protect against evolving threats. This latest feature aligns with the company's 2020 announcement of the Zero Trust Deployment Center.

SourceMicrosoft
Luke Jones
Luke Jones
Luke has been writing about Microsoft and the wider tech industry for over 10 years. With a degree in creative and professional writing, Luke looks for the interesting spin when covering AI, Windows, Xbox, and more.

Recent News

Mastodon