Malicious Domain Blocking and Reporting (MDBR)

How MDBR Works

MDBR proactively blocks network traffic from an organization to known harmful web domains, helping protect IT systems against cybersecurity threats. Once an organization points its domain name system (DNS) requests to the Akamai’s DNS server IP addresses, every DNS lookup will be compared against a list of known and suspected malicious domains. Attempts to access known malicious domains such as those associated with malware, phishing, and ransomware, among other threats, will be blocked and logged. CIS will then provide reporting that includes log information for all blocked requests and assist in remediation if needed.

The service is easy to implement and requires virtually no maintenance as CIS and Akamai fully maintain the systems required to provide the service.

Akamai provides all logged data to the CIS Security Operations Center (SOC), including both successful and blocked DNS requests. This data will be utilized to perform detailed analysis and reporting for the betterment of the SLTT community and for organization-specific reporting for each SLTT organization that implements the service. CIS will provide regular reporting and intelligence services for SLTT members.

How to Sign Up for MDBR

Existing MS- and EI-ISAC members can sign up for no-cost MDBR by registering below. You will be asked to provide the following information:

• Your contact information
• Technical contact(s) for MDBR setup, troubleshooting, and general technical support
• Reporting contact(s) for receiving reports on your MDBR service
• Public IP addresses or CIDR netblocks from which your organization’s DNS queries are sent

If your organization isn’t yet an MS-ISAC or EI-ISAC member, you’ll be asked to join first.

Visit the MDBR FAQ page for additional information.View the MDBR Terms and Conditions.