Every time someone clicks a link, opens a website, or follows an email attachment to a download page, their device makes a DNS request — essentially asking “where do I find this?” before it connects to anything.
DNS filtering inspects that request before the connection is made. If the destination is a known malicious domain, a phishing site, or a malware distribution point, the connection is blocked at that point — before any content loads, before any page renders, before any damage can be done.
It is one of the most effective and least visible layers of protection a business can have, because it works silently in the background without requiring anyone to make a decision.
What we provide
Automatic malicious domain blocking
We deploy DNS filtering that checks every DNS request against continuously updated threat intelligence. Known malicious domains, phishing sites, malware distribution points, and command-and-control infrastructure are blocked automatically before a connection is established.
Protection on the network
DNS filtering is applied at the network level for devices connected to your office network, providing a baseline layer of protection across every device regardless of what is installed on it.
Category-based content policies
Where appropriate, DNS filtering can also be used to apply content policies, restricting access to categories of websites that are not appropriate for a work environment, configurable per user group or department.
Protection across every device
DNS filtering is part of a layered approach, and the specific tooling we use varies by device type to ensure every platform in your business is properly covered. Windows devices receive agent-based DNS filtering that follows the device wherever it connects, including off your office network. macOS and Linux devices are protected through complementary security tooling appropriate to those platforms, so that DNS-level protection extends across your whole estate, not just one operating system.
If your business runs a mixed-device environment, we will confirm exactly what’s in place for each device type as part of your site survey.
Why DNS filtering matters
DNS filtering catches threats that other layers might miss. Antivirus catches malicious files once they reach a device. Email filtering catches malicious messages before they reach the inbox. DNS filtering catches the connection itself, before the browser even loads the destination, which means it can stop an attack regardless of how the malicious link reached the user — whether by email, a text message, a chat app, or a compromised website.
It works alongside the rest of your security stack: antivirus, EDR, MFA, email defence, and device hardening, each covering a different stage of a potential attack.
Part of your managed support contract
DNS filtering is included for Network Fish managed support clients as part of the security stack we deploy and manage. There is no separate product to buy or configure yourself.
One monthly fee. One number to call.
The day-to-day risk of your team reaching a malicious website becomes our job, not yours.
