Public Sector DNS
The service acts as a typical DNS resolver however includes a Response Policy Zone (RPZ) that is managed by NCSC and blocks resolution attempts to known-bad malicious DNS record (such as those used for phishing, malware distribution or command & control).
Where to use the service
The service can be used wherever a typical internet-facing DNS resolver is required. It can be used on end-user compute solutions (supporting laptops etc) through to in Infrastructure-as-a-Service (IaaS) environments such as AWS and Azure.
How to use the service
The service requires IP source address information to be provided to NCSC as while the solution is available on public IP space, it is not publicly available on the Internet for any organisation to use.
The Ministry of Justice (MoJ) is permitted to use the service for free as a central government organisation, but suppliers to MoJ currently are not.
Contact the MoJ Cyber Security team (firstname.lastname@example.org) to be added into MoJ’s subscription of the service.
If you have any questions or comments about this guidance, such as suggestions for improvements, please contact: email@example.com.