DNS Server with Firewall Protection
An ISP-grade recursive DNS server with a built-in domain firewall — built in-house for INIC's own NOC and now available to other ISPs and enterprises who need granular control over their DNS layer.
About the Product
INIC's DNS Server with Firewall was built to address the limitations of public DNS resolvers in an ISP environment — lack of visibility, no filtering, and no control. We needed a resolver we fully owned, one that could block malicious domains at the network edge before subscribers ever made a connection.
The result is a recursive DNS resolver with an integrated domain-level firewall, deployed across our Bhilai NOC and upstream PoPs. It handles millions of queries per day for Instalinks subscribers, blocking known malware domains, phishing sites, and ad networks in real time.
We are now offering this tool to other ISPs, managed service providers, and enterprises who want the same level of DNS control without building it from scratch.
DNS Server with Firewall — live at INIC's NOC
Features
Everything you need to take control of DNS at the network edge.
Recursive DNS Resolution
Full recursive resolver — no reliance on upstream public DNS. All queries resolved independently for maximum control and privacy.
Domain Firewall & Filtering
Block malicious domains, ad networks, phishing sites, and custom blacklists at the DNS layer — before any connection is established.
Query Logging & Audit
Detailed per-query logging with client IP, timestamp, domain, response, and latency. Full audit trail for compliance and troubleshooting.
Low Latency
Optimised for ISP deployments with in-memory caching, negative caching, and minimal overhead. Sub-millisecond response for cached queries.
Custom Zone Support
Define custom internal zones and override responses for specific domains — useful for CPE management portals and internal services.
Alerting Integration
Threshold-based alerts for query spikes, NXDOMAIN floods, and blocked domain hits. Integrates with our SYSLOG Monitor for unified visibility.
See it in action
Running live inside INIC's NOC. Sensitive data lightly blurred for privacy.
Frequently Asked Questions
Common questions about INIC DNS Firewall.
What is an ISP DNS firewall?
An ISP DNS firewall is a recursive DNS resolver that blocks requests to malicious, phishing, or policy-violating domains at the network layer — before any connection is established. It acts as a first line of defence for all subscribers on your network.
How does INIC DNS Firewall block threats?
INIC DNS Firewall uses configurable block lists — including threat intelligence feeds and custom rules — to intercept queries for known-bad domains and return a block response. Blocking happens in milliseconds with no impact on resolution latency for clean domains.
Can I customise block lists per subscriber?
Yes. The INIC DNS Firewall supports per-subscriber or per-IP-range policy overrides, allowing you to apply different filtering rules for different customer tiers or business accounts.
Does it support RPZ (Response Policy Zones)?
Yes. The resolver supports DNS RPZ, the industry-standard mechanism for policy-based DNS response overrides. You can import standard RPZ feeds or define custom zones.
What query volume can it handle?
INIC DNS Firewall is deployed at INIC's own ISP NOC handling millions of queries per day. It is designed for high-throughput ISP environments with in-memory caching and minimal overhead. Contact us to discuss capacity planning for your specific deployment.
Ready to take control of your DNS layer?
Contact us to discuss deployment options, pricing, and integration with your existing NOC infrastructure.
Related Products