What is RPZDB?


It is the best RPZ blacklist provider you can get. Take control over your network security with the new dimension, stop malware even before they try to get you, even pulverize their attempt to send your sensitive data to the master thief.

RPZDB provides the ultimate database of blacklist data, with cutting-edge transfer and detections data, malware can be stop weeks before compared to in-house protection.


Why choose RPZDB?


Simple and Easy to Use


There are non-other blacklist provider that can provide feature as comparable and compelling as RPZDB. Being intuitive and simple to use helps end user to configure and manage their blacklist within minutes.

Works Better than others


PRZDB provides the most complete blacklist data and it is updated within minutes when a new threat is found. With the state of the art DNS transfer mechanism it works and propagate it blacklist data faster than in-house protections. RPZDB can stop infections weeks or month faster than standard in-house protections

Simplicity and Freedom


If the user does not satisfy with the list, don’t worry add a custom list, even upload it in bulk. Create your own blacklist, and propagate it to all your recursive DNS server. Configure the action for each policy either to forward to wall garden, replace it to other websites, or just don’t response to it. Further, customize your blacklist by appending time which rule are activate in a period of time in a day.

Reporting and auditing


RPZDB provides the best reporting tool and auditing tool when pair with the wall garden it provides. RPZDB will log everything about an infected client that tries to communicate with Command Center so you can locate and fix the problem. All this data will be present in beautiful and easy to digest graph.


How it works?


RPZDB implementation can be describe as Figure 1 as follow : 

  1. When a new malware or malicious website is detected by the RPZDB, they will add it to their database and directly feed it to their Subscribers.
  2. Using the state of the art DNS transfer technology, the blacklist data is transferred in real time to all the recursive DNS server that subscribe the feeds.
  3. When end user try to access a malicious websites that are in the Response Policy Zone (RPZ), the attempt will be stop at the DNS level.
  4. The user then will be redirected to a wall garden/info page that explain about the malicious site that the user try to access. The redirection can be easily customized by the administrators themselves.
  5. While, if the end user device is already infected and the malicious software tries to communicate back to its command center through DNS query, the recursive server will reacted according to the policy zone define and dismiss the request and entirely disable the malware from connecting to its masters.
  6. For audit purpose all session will be recorded systematically when the user arrive at the walled garden or the landing page and it will process and send to the RPZDB statistic server through API. This data can be access by administrator on RPZDB web interface and the data can be used to trace the source of the infection and take further actions.
Rpzflow

Figure 1