MDBR is available at no cost to U.S. State, Local, Tribal, and Territorial (SLTT) government members of the Multi-State Information Sharing and Analysis Center (MS-ISAC) and Elections Infrastructure Information Sharing and Analysis Center (EI-ISAC). It was designed in partnership with the Cybersecurity and Infrastructure Security Agency (CISA) and Akamai.
How MDBR Works on Your Network
MDBR is a cloud-based solution that uses recursive DNS technology to prevent IT systems from connecting to harmful web domains, helping SLTTs limit infections related to known malware, ransomware, phishing, and other cyber threats. This capability can block the vast majority of ransomware infections just by preventing the initial outreach to a ransomware delivery domain.
Malicious Domain Blocking and Reporting Data Flow
Web Security in as Little as 15 Minutes
Once an SLTT points its domain name system (DNS) requests to the Akamai’s DNS server IP addresses, every DNS lookup will be compared against MDBR's list of known and suspected malicious domains. Attempts to access known malicious domains such as those associated with malware, phishing, and ransomware, among other threats, will be blocked and logged. CIS will then provide reporting that includes log information for all blocked requests and assist in remediation, if needed.
The service can be implemented in as little as 15 minutes, and it requires virtually no maintenance, as CIS and Akamai fully maintain the systems required to provide the service.
SLTTs can enjoy the protection of MDBR whether users are in the office or working remotely. By setting policy that forces mobile devices and laptops to use the Akamai DNS system provided by the MS-ISAC, users will be protected.
What The Experts Are Saying
- We use your DNS services, and it gives peace of mind.A city IT director
- MDBR works wonderfully. Pre-pandemic concerns arose when a neighboring county had to shut down due to crypto locker. This was the red flag to take a closer look at what MSISAC resources can help. The report is good, easily digestible with actionable intelligence.A county network administrator
- We're extremely happy with MDBR. Had [commercial solution] and replaced with MDBR. Reporting is nice and easy to see at a glance everything that's being blocked.A nonprofit medical center information security architect
- We have seen an increase in blocked websites and love the protection MDBR provides.A city network security analyst
Akamai provides all logged data to CIS's 24x7x365 Security Operations Center (SOC), including both successful and blocked DNS requests. This data will be analyzed and used to enrich threat intelligence reporting for each member that uses the service as well as the SLTT community at large.
How to Sign Up for MDBR
You will be asked to provide the following information upon signing up:
- Your contact information
- Technical contact(s) for MDBR setup, troubleshooting, and general technical support
- Reporting contact(s) for receiving reports on your MDBR service
- Public IP addresses or CIDR netblocks from which your organization’s DNS queries are sent
We'll then walk your organization step by step through the registration process. As the final step, you'll need to point your DNS requests to the Akamai’s DNS server IP addresses. This will enable MDBR to prevent attempts to access known malicious domains.
*Note that if your organization isn't yet an MS-ISAC or EI-ISAC member, you’ll be asked to join first in order to take advantage of this exclusive service.