SSL scanning is a method of inspecting encrypted traffic for malware or for confidential data that could be leaked to unauthorized parties.
SSL encrypts data to protect it against malicious eavesdropping. However, the encrypted data can easily contain malware or information that is not meant to be shared outside an organization’s network, e.g. trade secrets or financial statements.
SSL scanners help protect organizations by decrypting the data sent by clients, scanning it for malware or confidential information, and then re-encrypting it before it is sent to the destination server.
Does DNSFilter do HTTPS/SSL Scanning?
DNSFilter is a DNS provider: we perform DNS lookups and block threats by scanning the DNS queries. We do not have access to web traffic packets, so we cannot do anything with them.
In the hierarchy of activities in a client/server communication, SSL Inspection would happen “above” DNS resolution. In the act of resolving a DNS request, we do not have access to the network traffic/packets directly and can do no such inspection.
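To make concrete what a DNS-level filter can and cannot see, the following added example (not DNSFilter's code) builds the DNS query a client sends before fetching a URL and parses it the way a resolver would. The domain names, the blocklist entry and all function names are constructed for illustration.

```python
import struct
from urllib.parse import urlsplit

BLOCKLIST = {"malware.example"}  # constructed sample entry, not a real feed

def build_query(hostname, qtype=1, txid=0x1234):
    """Encode a standard DNS query (RFC 1035 wire format)."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # RD=1, one question
    qname = b"".join(bytes([len(p)]) + p.encode("ascii") for p in hostname.split("."))
    return header + qname + b"\x00" + struct.pack("!HH", qtype, 1)  # class IN

def query_for_url(url):
    """The lookup a client makes before fetching url: only the host is sent."""
    return build_query(urlsplit(url).hostname)

def parse_query(packet):
    """Return all a resolver learns from a query: (txid, name, qtype)."""
    if len(packet) < 12:
        raise ValueError("truncated DNS header")
    txid, flags, qdcount = struct.unpack("!HHH", packet[:6])
    if flags & 0x8000 or qdcount != 1:
        raise ValueError("not a single-question query")
    labels, pos = [], 12
    while True:
        if pos >= len(packet):
            raise ValueError("truncated QNAME")
        length = packet[pos]
        pos += 1
        if length == 0:
            break
        if length > 63 or pos + length > len(packet):
            raise ValueError("bad label length")
        labels.append(packet[pos:pos + length].decode("ascii").lower())
        pos += length
    if pos + 4 > len(packet):
        raise ValueError("truncated question")
    qtype, _qclass = struct.unpack("!HH", packet[pos:pos + 4])
    return txid, ".".join(labels), qtype

def filter_decision(packet):
    """Block when the queried name or any parent domain is blocklisted."""
    parts = parse_query(packet)[1].split(".")
    suffixes = (".".join(parts[i:]) for i in range(len(parts)))
    return "block" if any(s in BLOCKLIST for s in suffixes) else "allow"
```

For a URL such as https://cdn.malware.example/payload.bin?token=secret, the query carries only the name cdn.malware.example and the record type. The path, the query string and the response body never reach the resolver, which is why content inspection has to happen elsewhere on the network.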
We don’t intend to spy on your web traffic while performing the DNS lookups. In fact, the very DNS lookup itself would be subject to the same deep packet inspection (DPI) as any other packet on the network, should you have it configured.
Typically, this would be handled at a hardware firewall level, usually attached to an Intrusion Detection System (IDS).
We definitely recommend the use of a full spectrum of security technologies, and while we’ve got you covered on the DNS side, DPI is just one of the other solutions you’ll want in your toolbox.