This week Microsoft announced a new commitment to improving the security of its products, above all other projects. Coincidentally, Microsoft also announced a new security feature that will be added to a future version of Windows.

In 2020, Microsoft announced the Zero Trust Deployment Center for Business. In case you are not aware of what Zero Trust means, it is a term used to describe a network security model where every network request for access must be authenticated, authenticated and encrypted before that access is granted.

in a blog post This week, Microsoft announced that it has launched a private preview of Zero Trust DNS. This upcoming Windows feature is designed for businesses to make their PCs connect only to approved networks.

Zero Trust DNS uses both the Windows DNS client and the Windows Filtering Platform (WFP). Here’s what happens when this feature is enabled:

Windows will block all outgoing IPv4 and IPv6 traffic except for connections to the protective DNS servers as well as DHCP, DHCPv6, and NDP traffic needed to discover network connectivity information.

Microsoft hopes that administrators using Zero Trust DNS in their security deployments will be able to block any network traffic where the domain name cannot be recognized. It added:

This makes the use of hard-coded IP addresses or unconfirmed encrypted DNS servers irrelevant without having to introduce TLS termination and missing out on the security benefits of end-to-end encryption.

As we mentioned, Zero Trust DNS is currently in private preview testing. However, Microsoft says it will be included for members of the Windows Insider program to try at some point in the future. Administrators who want more information about the feature Can check out this blog postShowing how certain apps and services may be affected by using Zero Trust DNS.

Photo via Depositphotos