Symantec announced Norton Everywhere today–a new approach to security that abandons the traditional PC-centric model and takes a more holistic approach to delivering security across all Internet-enabled devices. Norton DNS, a component of Norton Everywhere, provides alternative DNS servers that can be used by any Internet-connected device for a faster and more secure surfing experience.
A Symantec spokesperson commented via e-mail to say “We’re introducing Norton DNS to address the quickly growing need for web safety across all the devices that a consumer and their family might use to browse the web, from their Nintendo Wii to their new Apple iPad.”
DNS stands for Domain Name Service or Domain Name Server. You think in terms of PCWorld.com, or Google.com, or Microsoft.com, but your computer and the Web servers it is trying to communicate with don’t speak that language. The DNS servers provide the translation from a URL to an IP address that the computers and routers can understand in order to get the Web page to show up on your display.
If you ping PCWorld.com, you will find that the IP address associated with it is 126.96.36.199. You could type “http://188.8.131.52” and get to the same page, but remembering the IP address for every Web page you might want to visit is much more difficult than just typing in “pcworld.com” and letting DNS do its thing.
One form of malicious attack involves altering, or “poisoning” the information on the DNS server in order to redirect unsuspecting users to malicious sites. For example, an attacker could access an insecure DNS server and change the IP address associated with “pcworld.com” to point to a different server. When users that rely on that DNS server try to visit “pcworld.com” they will be redirected to the malicious site.
There are other DNS concerns as well. The bottom line is that DNS is critical to Web surfing and as more applications and services are Web-based, and as more devices and appliances are Web-connected, DNS becomes a prime target, and somewhat of an Achilles heel for Web security.
The Symantec spokesperson explained “The Norton DNS service works by filtering the DNS requests that are automatically created when you visit a Web page to determine if they are associated with fraud, spyware, malware or objectionable content such as pornography or violence.”
Symantec recognizes that the Internet and the Web have grown beyond the PC. Just in my home, we have two Xbox 360s, a Nintendo Wii, four Nintendo DS gaming systems, five laptops, two desktops, an iPad, two iPhones, and two other feature phones all capable of accessing the Web.
The risk to many of those platforms may be somewhat limited today, and many of them have a limited ability to install security agents or applications. The beauty of Norton DNS is that it sits between these devices and the Web, providing filtering of insecure sites and guarding against DNS security concerns without the need to install any software.
There are other public DNS services–namely OpenDNS and Google Public DNS. Google’s DNS service, like Symantec’s, is designed to provide a faster and more secure Web surfing experience. Like Symantec’s Norton DNS, the Google Public DNS also provides protection against DNS cache poisoning and other common DNS threats.
Symantec is taking a broader approach, though, by actively promoting Norton DNS for non-PC devices. According to the Symantec spokesperson “In order to use Norton DNS, the device’s DNS settings simply need to be changed to Norton’s IP addresses for the service (usually from the default DNS service set by the ISP). More advanced users will do this manually, less sophisticated users can use one of several apps for the PC or Android in order to quickly and easily set their device to use Norton DNS.”