Amazon Route 53 Resolver DNS Firewall Adds Threat and Content Domain Categories in the Amazon Web Services China Regions
Amazon Route 53 Resolver DNS Firewall now supports new threat and content domain categories, enabling you to configure DNS Firewall rules with additional granularity based on DNS threat types and web content associated with queried domains. The new category lists are available under the expanded DNS Firewall Advanced rule tier, while existing Managed Domain Lists remain under the DNS Firewall Foundational rule tier.
Route 53 Resolver DNS Firewall is a managed service that lets you block DNS queries for domains identified as low-reputation or potentially malicious, while allowing queries for trusted domains. DNS Firewall Advanced extends this capability by detecting and blocking DNS traffic associated with Domain Generation Algorithms (DGA) and DNS Tunneling threats.
With this launch, DNS Firewall Advanced expands to include new threat and content categories that provide greater flexibility, visibility, and granularity. You can now block queries based on specific DNS threat types—such as spam and phishing—as well as not-safe-for-work domains, including adult content and gambling. Existing Managed Domain Lists and your custom lists continue to be available under the newly designated DNS Firewall Foundational rule tier.
This capability is available at no additional cost to DNS Firewall Advanced customers. To get started, see the Route 53 DNS Firewall documentation. For pricing, see Amazon Route 53 pricing.