DNS Security

Block threats at the DNS layer before they reach your endpoints.

Blocklist, Allowlist, Threat Categories, Event Analytics, Multi-Provider

DNS providers: 6
Threat categories: 12
Query window: 90 days
Policy sync: Automatic

DNS Security connects Breeze to your existing DNS filtering infrastructure, centralizing policy management, threat event ingestion, and analytics across your entire managed fleet.

Multi-Provider Integration

Connect to Cisco Umbrella, Cloudflare Gateway, DNSFilter, Pi-hole, OpenDNS, or Quad9 using each provider’s native API credentials. All secrets are encrypted at rest and never exposed through the platform after entry.

Policy-Based Blocking

Define domain-level blocklists and allowlists directly in Breeze. Policies sync automatically to your DNS provider through a background queue, so domain additions and removals take effect without manual provider logins or configuration exports.

Threat Categorization

Every DNS event is classified across twelve threat categories including malware, phishing, ransomware, botnet, cryptomining, and adware. Teams can filter events by category to understand the specific threat types most active across an organization.

Query up to 90 days of DNS security events with filters for action, category, domain, and device. Summary statistics surface blocked query rates, top blocked domains, and the devices generating the most security events, so analysts can focus response efforts where they matter most.

Actionable Fleet Visibility

DNS threat data is scoped per organization and tied to device identities, giving MSPs a clear picture of which clients face the most DNS-layer exposure. Breeze management posture assessment also detects installed DNS filtering agents independently of the API integration, ensuring nothing is missed.

Capabilities

Multi-Provider Integration

Connect Cisco Umbrella, Cloudflare Gateway, DNSFilter, Pi-hole, OpenDNS, or Quad9 with encrypted credential storage.

Allowlist and Blocklist Policies

Define domain-level policies that sync to providers through a BullMQ pipeline with tracked sync status.

Threat Event Analytics

Query, filter, and aggregate DNS security events across a 90-day window with block rate and top-domain reporting.

Automatic Aggregation

For windows longer than 7 days, pre-computed aggregations replace raw event scans for fast statistics.