DNS remains one of the most critical and most frequently exploited services in the environment as organizations expand their cloud workloads. Threat actors increasingly rely on DNS for malware delivery, command-and-control (C2) communications, data exfiltration and other sophisticated attacks that often evade traditional security controls.
To help organizations strengthen DNS security without increasing operational complexity, Palo Alto Networks and Amazon Web Services (AWS) are introducing our Advanced DNS Security for Amazon Route 53 Resolver DNS Firewall. Customers can now subscribe to our Early Access Program and experience the integration before its official launch.
Introducing the Early Access Program
Our Early Access Program (AWS Public Preview) to use Advanced DNS Security for Amazon Route 53 Resolver DNS Firewall is now available, with general availability (GA) planned to follow. As an Early Access participant, you’ll gain hands-on access to the solution and have the opportunity to help shape the final experience through your feedback.
Your goal might be to improve DNS threat coverage, simplify security operations, or both. Regardless, the Early Access Program provides an opportunity to evaluate how advanced DNS threat protection can extend the capabilities of Amazon Route 53 Resolver DNS Firewall while maintaining operational simplicity.
Built-In DNS Threat Protection for Resolver DNS Firewall
Resolver DNS Firewall provides organizations with foundational DNS protection and policy enforcement for AWS workloads. As DNS threats continue to evolve, many organizations are looking to complement these controls with advanced threat detection capabilities while maintaining operational simplicity.
Advanced DNS Security adds a layer of protection within Resolver DNS Firewall by combining industry-leading DNS threat intelligence with advanced detection techniques. This integration helps organizations strengthen their defenses against sophisticated DNS threats without deploying additional infrastructure, redirecting traffic for inspection or increasing operational complexity.
Broader DNS Threat Protection
Resolver DNS Firewall helps organizations establish a strong DNS security foundation in AWS. Organizations can now extend that protection with Advanced DNS Security, adding industry-leading, built-in threat intelligence and advanced DNS threat detection capabilities.
The combined solution delivers broader coverage against DNS-based attacks, including:
- C2 activity.
- DNS hijacking.
- DNS tunneling and data exfiltration.
- Emerging and previously unseen DNS threats.
- Fast flux domains.
- Malware communications.
With more than 30 advanced DNS threat detections, organizations strengthen their defenses against threats that traditional DNS controls might miss.
Simplified Security Operations
Many organizations today deploy additional security infrastructure or forward DNS traffic to centralized inspection points to achieve advanced DNS protection. While effective, these approaches can introduce architectural complexity, operational overhead and ongoing management requirements.
Advanced DNS Security for Resolver DNS Firewall simplifies this process by enabling organizations to apply Palo Alto Networks DNS threat protections directly within existing Resolver DNS Firewall policies. Security teams don’t need to deploy additional firewalls, redesign network architectures or redirect DNS traffic for inspection. They can extend advanced DNS protection across AWS environments while maintaining a streamlined operational model, resulting in stronger protection with less operational burden.
Request Early Access Today
Experience Advanced DNS Security built into Amazon Route 53 Resolver DNS Firewall. Strengthen your cloud security with greater visibility, broader threat coverage and less operational complexity.
Subscribe to Advanced DNS Security Early Access directly from your Resolver DNS Firewall console or through the AWS Marketplace listing.
Forward-Looking Statements
This blog contains forward-looking statements that involve risks, uncertainties and assumptions, including, without limitation, statements regarding the benefits, impact, or performance or potential benefits, impact or performance of our products and technologies or future products and technologies. Any unreleased services or features (and any services or features not generally available to customers) referenced in this blog or other press releases or public statements are not currently available (or are not yet generally available to customers) and may not be delivered when expected or at all. Customers who purchase Palo Alto Networks applications should make their purchase decisions based on services and features currently and generally available.