* [Blog](https://www.paloaltonetworks.com/blog)
* [Palo Alto Networks](https://www.paloaltonetworks.com/blog/corporate/)
* [Next-Generation Firewalls](https://www.paloaltonetworks.com/blog/network-security/category/next-generation-firewalls/)
* How DNS Security Helps Se...

# How DNS Security Helps Secure Your Remote Workforce

[](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.paloaltonetworks.com%2Fblog%2F2020%2F04%2Fnetwork-dns-security%2F)  
[](https://twitter.com/share?text=How+DNS+Security+Helps+Secure+Your+Remote+Workforce&url=https%3A%2F%2Fwww.paloaltonetworks.com%2Fblog%2F2020%2F04%2Fnetwork-dns-security%2F)  
[](https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fwww.paloaltonetworks.com%2Fblog%2F2020%2F04%2Fnetwork-dns-security%2F&title=How+DNS+Security+Helps+Secure+Your+Remote+Workforce&summary=&source=)  
[](https://www.paloaltonetworks.com//www.reddit.com/submit?url=https://www.paloaltonetworks.com/blog/2020/04/network-dns-security/&ts=markdown)  
\[\](mailto:?subject=How DNS Security Helps Secure Your Remote Workforce)  
Link copied  
By [Zoltan Deak](https://www.paloaltonetworks.com/blog/author/zoltan-deak/?ts=markdown "Posts by Zoltan Deak")  
Apr 08, 2020  
3 minutes  
[Next-Generation Firewalls](https://www.paloaltonetworks.com/blog/network-security/category/next-generation-firewalls/?ts=markdown)  
[Secure the Cloud](https://www.paloaltonetworks.com/blog/category/secure-the-cloud/?ts=markdown)  
[Secure the Enterprise](https://www.paloaltonetworks.com/blog/category/secure-the-enterprise/?ts=markdown)  
[COVID-19](https://www.paloaltonetworks.com/blog/tag/covid-19/?ts=markdown)  
[DNS](https://www.paloaltonetworks.com/blog/tag/dns/?ts=markdown)  
[NGFW](https://www.paloaltonetworks.com/blog/tag/ngfw/?ts=markdown)  
[Prisma Access](https://www.paloaltonetworks.com/blog/tag/prisma-access/?ts=markdown)  
[remote access](https://www.paloaltonetworks.com/blog/tag/remote-access/?ts=markdown)

All of us are currently dealing with the COVID-19 crisis. For many of us, that means the new adjustment of working from home. While this enables business continuity, it also places our businesses at additional risk from cyber threats. Adversaries know many employees are working from home using work laptops that may contain sensitive, valuable information. Already, we've seen threats such as malware, phishing attacks and ransomware related to COVID-19.

There are a multitude of different ways [businesses can help protect their employees and their customers from these attacks](https://www.paloaltonetworks.com/blog/2020/04/network-working-from-home/?ts=markdown). Protecting endpoints, using [VPNs](https://www.paloaltonetworks.com/cyberpedia/what-is-a-vpn?ts=markdown), patching systems with completely up to date software and using multi-factor authentication are great examples of low-hanging fruit that enable greater protection. But one threat vector that's easily addressed with high impact is being overlooked: securing your DNS traffic.

Every connection with the internet starts with a [DNS query](https://www.paloaltonetworks.com/cyberpedia/what-is-dns?ts=markdown). DNS is required for mission-critical applications, websites and resources across your network. Securing DNS is essential to your network security. Millions of malicious domains already exist and thousands of new malicious domains are created every day. In fact, our Unit 42 threat research team has [logged over 100,000 new potentially phony web domains](https://unit42.paloaltonetworks.com/covid19-cyber-threats/) registered with words including "covid," "virus" and "corona" in their names, in just the past few weeks.

Attackers have increasingly used DNS to spread malware and steal data by hiding within DNS traffic itself. Because DNS is necessary for business and therefore ubiquitous, it's easy to hide in the high volume of traffic. By securing your DNS you're protecting against malware and other forms of advanced attacks that may include domain generation algorithms and tunneling. According to our [Unit 42](https://unit42.paloaltonetworks.com/) threat research team, over [80% of malware uses DNS to establish command-and-control channels to exfiltrate data](https://cdw-prod.adobecqms.net/content/dam/cdw/on-domain-cdw/brands/palo-alto-networks/stop-attackers-from-using-dns-against-you.pdf). Securing your DNS traffic has a tremendous impact, with [over a third of breaches preventable through DNS-level security](https://www.globalcyberalliance.org/dns-economic-value-report/). In other words, implementing better DNS security could translate to preventing upwards of $200 billion in global losses.

The Palo Alto Networks DNS Security subscription applies predictive analytics to disrupt attacks that use DNS for command-and-control or data theft. Our cloud-based protections are always-up-to-date and scale infinitely, ![Three steps to install DNS Security as an add-on subscription for a Palo Alto Networks Next-Generation Firewall: 1) Activate your DNS Security subscription license, 2) Configure DNS policy settings, 3) Test and validate that policy actions are enforced.](https://www.paloaltonetworks.com/blog/wp-content/uploads/2020/04/DNS123.png)giving your organization a critical new control point to stop attacks that use DNS. If you're already a customer, installing [DNS Security](https://www.paloaltonetworks.com/products/threat-detection-and-prevention/dns-security?ts=markdown) is as easy as turning it on. You won't need to deploy additional appliances, and since it's cloud-based, you won't have to deploy additional software or make changes to your DNS infrastructure. It's simply a matter of activating a subscription. Existing customers can [begin a 90-day free trial](https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000Cm6HCAS) or just follow the three easy steps below to turn DNS Security on and protect DNS traffic in minutes. For more information on deploying DNS Security, see our [Step-by-Step Enablement Walkthrough](https://docs.paloaltonetworks.com/pan-os/9-0/pan-os-admin/threat-prevention/dns-security/enable-dns-security).

If you're not currently a customer of Palo Alto Networks firewalls in physical deployments, and you're looking into adding protection quickly, consider [Prisma Access](https://www.paloaltonetworks.com/prisma/access?ts=markdown) for cloud-delivered security.

Learn more about [DNS Security](https://www.paloaltonetworks.com/resources/datasheets/dns-security-service?ts=markdown).

*** ** * ** ***

## Related Blogs

### [Secure the Cloud](https://www.paloaltonetworks.com/blog/category/secure-the-cloud/?ts=markdown), [Secure the Enterprise](https://www.paloaltonetworks.com/blog/category/secure-the-enterprise/?ts=markdown)

[#### Power the New Normal with Prisma Access: Delivering Next-Gen Cybersecurity](https://www.paloaltonetworks.com/blog/2020/05/network-remote-work/)

### [Secure the Cloud](https://www.paloaltonetworks.com/blog/category/secure-the-cloud/?ts=markdown), [Secure the Enterprise](https://www.paloaltonetworks.com/blog/category/secure-the-enterprise/?ts=markdown), [Use-Cases](https://www.paloaltonetworks.com/blog/sase/category/use-cases/?ts=markdown)

[#### Working from Home During COVID-19: Secure Access for Remote Workers](https://www.paloaltonetworks.com/blog/2020/04/network-secure-access/)

### [Secure the Cloud](https://www.paloaltonetworks.com/blog/category/secure-the-cloud/?ts=markdown), [Secure the Enterprise](https://www.paloaltonetworks.com/blog/category/secure-the-enterprise/?ts=markdown)

[#### Securely Connect and Scale Remote Workforces](https://www.paloaltonetworks.com/blog/2020/03/cloud-securing-remote-workforces/)

### [Government](https://www.paloaltonetworks.com/blog/category/government/?ts=markdown), [Secure the Cloud](https://www.paloaltonetworks.com/blog/category/secure-the-cloud/?ts=markdown), [Secure the Enterprise](https://www.paloaltonetworks.com/blog/category/secure-the-enterprise/?ts=markdown), [Use-Cases](https://www.paloaltonetworks.com/blog/sase/category/use-cases/?ts=markdown)

[#### Securing US Federal Agency Remote Workers and Branch Offices](https://www.paloaltonetworks.com/blog/2020/04/network-federal-agency-remote-workers/)

### [Secure the Cloud](https://www.paloaltonetworks.com/blog/category/secure-the-cloud/?ts=markdown), [Secure the Enterprise](https://www.paloaltonetworks.com/blog/category/secure-the-enterprise/?ts=markdown), [Secure the Future](https://www.paloaltonetworks.com/blog/category/secure-the-future/?ts=markdown)

[#### Best Practices for Video Conferencing Security](https://www.paloaltonetworks.com/blog/2020/04/network-video-conferencing-security/)

### [Next-Generation Firewalls](https://www.paloaltonetworks.com/blog/network-security/category/next-generation-firewalls/?ts=markdown), [Product Features](https://www.paloaltonetworks.com/blog/sase/category/product-features/?ts=markdown), [Secure the Enterprise](https://www.paloaltonetworks.com/blog/category/secure-the-enterprise/?ts=markdown)

[#### Chrome Enterprise Recommended Program Includes Palo Alto Networks App](https://www.paloaltonetworks.com/blog/2020/10/chrome-enterprise-recommended/)

### Subscribe to the Blog!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.
![spinner](https://www.paloaltonetworks.com/blog/wp-content/themes/panwblog2023/dist/images/ajax-loader.gif) Sign up  
Please enter a valid email.  
By submitting this form, you agree to our [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) and acknowledge our [Privacy Statement](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown). Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder.  
This site is protected by reCAPTCHA and the Google [Privacy Policy](https://policies.google.com/privacy) and [Terms of Service](https://policies.google.com/terms) apply.  
{#footer} {#footer}

## Products and Services

* [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown)

* [Secure AI by Design](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown)

* [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown)

* [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown)

* [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown)

* [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown)

* [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown)

* [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown)

* [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown)

* [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)

* [Enterprise IoT Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown)

* [Medical IoT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown)

* [Industrial OT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown)

* [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)

* [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown)

* [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown)

* [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown)

* [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown)

* [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown)

* [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown)

* [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown)

* [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown)

* [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown)

* [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown)

* [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown)

* [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)

* [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown)

* [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown)

* [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown)

* [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown)

* [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)

* [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown)

* [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)

* [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)

* [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown)

* [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown)

* [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown)

* [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown)

* [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown)

* [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown)

* [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown)

* [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown)

* [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown)

* [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown)

* [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown)

* [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown)

* [Proactive Assessments](https://www.paloaltonetworks.com/unit42/assess?ts=markdown)

* [Incident Response](https://www.paloaltonetworks.com/unit42/respond?ts=markdown)

* [Transform Your Security Strategy](https://www.paloaltonetworks.com/unit42/transform?ts=markdown)

* [Discover Threat Intelligence](https://www.paloaltonetworks.com/unit42/threat-intelligence-partners?ts=markdown)

## Company

* [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown)
* [Careers](https://jobs.paloaltonetworks.com/en/)
* [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown)
* [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown)
* [Customers](https://www.paloaltonetworks.com/customers?ts=markdown)
* [Investor Relations](https://investors.paloaltonetworks.com/)
* [Location](https://www.paloaltonetworks.com/about-us/locations?ts=markdown)
* [Newsroom](https://www.paloaltonetworks.com/company/newsroom?ts=markdown)

## Popular Links

* [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown)
* [Communities](https://www.paloaltonetworks.com/communities?ts=markdown)
* [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown)
* [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown)
* [Event Center](https://events.paloaltonetworks.com/)
* [Manage Email Preferences](https://start.paloaltonetworks.com/preference-center)
* [Products A-Z](https://www.paloaltonetworks.com/products/products-a-z?ts=markdown)
* [Product Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown)
* [Report a Vulnerability](https://www.paloaltonetworks.com/security-disclosure?ts=markdown)
* [Sitemap](https://www.paloaltonetworks.com/sitemap?ts=markdown)
* [Tech Docs](https://docs.paloaltonetworks.com/)
* [Unit 42](https://unit42.paloaltonetworks.com/)
* [Do Not Sell or Share My Personal Information](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd)
  ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg)
* [Privacy](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown)
* [Trust Center](https://www.paloaltonetworks.com/legal-notices/trust-center?ts=markdown)
* [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown)
* [Documents](https://www.paloaltonetworks.com/legal?ts=markdown)

Copyright © 2026 Palo Alto Networks. All Rights Reserved

* [![Youtube](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks)
* [![Podcast](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://www.paloaltonetworks.com/podcasts/threat-vector?ts=markdown)
* [![Facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/)
* [![LinkedIn](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks)
* [![Twitter](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks)
* EN  
  Select your language