Malicious Domain Blocking and Reporting (MDBR)

The Malicious Domain Blocking and Reporting (MDBR) service is a web security solution that provides an additional layer of cybersecurity protection that is proven, effective, and easy to deploy.

Sign Up For MDBR

MDBR is available at no cost to U.S. State, Local, Tribal, and Territorial (SLTT) government members of the Multi-State Information Sharing and Analysis Center (MS-ISAC) and Elections Infrastructure Information Sharing and Analysis Center (EI-ISAC). It was designed in partnership with the Cybersecurity and Infrastructure Security Agency (CISA) and Akamai.

Watch video to learn more


How MDBR Works on Your Network

MDBR is a cloud-based solution that uses recursive DNS technology to prevent IT systems from connecting to harmful web domains, helping SLTTs limit infections related to known malware, ransomware, phishing, and other cyber threats. This capability can block the vast majority of ransomware infections just by preventing the initial outreach to a ransomware delivery domain.


Malicious Domain Blocking and Reporting Data Flow

MDBR Secure DNS Akamai


Web Security in as Little as 15 Minutes

Once an SLTT points its domain name system (DNS) requests to the Akamai’s DNS server IP addresses, every DNS lookup will be compared against MDBR's list of known and suspected malicious domains. Attempts to access known malicious domains such as those associated with malware, phishing, and ransomware, among other threats, will be blocked and logged. CIS will then provide reporting that includes log information for all blocked requests and assist in remediation, if needed.


View our sample PDF report

The service can be implemented in as little as 15 minutes, and it requires virtually no maintenance, as CIS and Akamai fully maintain the systems required to provide the service.

SLTTs can enjoy the protection of MDBR whether users are in the office or working remotely. By setting policy that forces mobile devices and laptops to use the Akamai DNS system provided by the MS-ISAC, users will be protected.

Akamai provides all logged data to CIS's 24x7x365 Security Operations Center (SOC), including both successful and blocked DNS requests. This data will be analyzed and used to enrich threat intelligence reporting for each member that uses the service as well as the SLTT community at large.


How to Sign Up for MDBR

You will be asked to provide the following information upon signing up:

  • Your contact information
  • Technical contact(s) for MDBR setup, troubleshooting, and general technical support
  • Reporting contact(s) for receiving reports on your MDBR service
  • Public IP addresses or CIDR netblocks from which your organization’s DNS queries are sent

We'll then walk your organization step by step through the registration process. As the final step, you'll need to point your DNS requests to the Akamai’s DNS server IP addresses. This will enable MDBR to prevent attempts to access known malicious domains.

*Note that if your organization isn't yet an MS-ISAC or EI-ISAC member, you’ll be asked to join first in order to take advantage of this exclusive service.


MDBR is provided at no-cost to MS-ISAC and EI-ISAC members

MDBR Terms & Conditions MDBR FAQS

MS-ISAC

Join MS-ISAC

EI-ISAC

Join EI-ISAC

Interested in other CIS Services?

Explore your options

We value your questions and feedback

At CIS, we are committed to serving the greater IT security community.

Contact Us Today