DHS CISA to provide DoH and DoT servers for government use
Yesterday, the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) announced that it plans to run DoH and DoT DNS resolution servers for federal use. However, the agency recommended that other government agencies disable DoH and DoT support on employee browsers until the CISA servers are ready for official government use.
The CISA released a memorandum yesterday that reminds agencies of the legal requirement to use a certain DNS server, EINSTEIN 3 Accelerated, for all government communications. This server was chosen because it has a sink holding capability, which blocks malicious infrastructure access that identifies harmful DNS records and blocks them. Due to the recent increase in teleworking, the CISA advised that this is necessary to mitigate cybersecurity risks.