CIRA officially launches free DNS firewall for consumers

The body that regulates the .ca domain has officially launched a free domain name system (DNS) firewall service to improve privacy and security for individuals using computers, smartphones and tablets.

The Canadian Internet Registration Authority (CIRA) said the service, called Canadian Shield, is aimed at giving consumers the kind of protection from DNS attacks that the public and private sector get from commercial products.

“As a not-for-profit part our mandate is to help provide a protected internet for all Canadians, and this is one of the ways we can help improve the internet,” said Mark Gaudet, CIRA’s business development and product manager.

CIRA believes it’s the first deployment of a national, public DNS over HTTPS (DoH) service in the world.

The threat intelligence feed of the service will be provided by the federal government’s Canadian Centre for Cyber Security.

The new service leverages CIRA’s D-Zone DNS Firewall, which it sells to the public and private sectors and uses technology from Akamai Technologies. Four Canadian Shield nodes have been deployed in TekSavvy data centes in Toronto, Montreal and Vancouver.

Home routers/gateways need to be reconfigured to point DNS queries to Canadian Shield.  CIRA offers advice for setting up routers, operating systems and other internet-connected devices like Playstation, Xbox, Nintendo Switch and 3DS. There are also apps for mobile devices through the Apple App Store and Google Play.

While most Windows, Mac or Linux computers are protected by firewalls that either come with the operating system or are part of an antivirus suite, CIRA said Canadian Shield offers protection for malware that uses a domain name for spreading infection or to communicate with command and control servers.

Today’s official launch was preceded on April 3rd with early access for healthcare workers, educational institutions and small businesses.

“As Canadians have shifted to working and learning from home en masse due to COVID-19, their personal devices and home networks are vulnerable to cyber-attacks,” CIRA said in a statement. “Canadian Shield will provide enterprise-grade privacy and cybersecurity protection.”

There are three free levels of service:

  • Private – prevents the commercialization of the user’s DNS for better online privacy. This is an open recursive DNS service that offers DNS resolution but no cybersecurity or filtering. CIRA considers it private because it doesn’t a user’s IP address longer than is needed for managing the service against threats. Nor does CRIA attempt to relate it to a user or location or use it for marketing or resale purposes
  • Protected – all features of Private plus added malware, botnet and phishing protection. When a user attempts to visit a domain that contains malware or engages in phishing the request is refused. The user sees either a block page (HTTP) or it won’t resolve (HTTPs)
  • Family – all features of Protected plus added adult content blocking

“As a non-profit with no interest in monetizing user data we were able to bring together a group of great partners who are committed to protecting Canadians online–including the first-ever national deployment of DNS over HTTPS globally,” Jacques Latour, CIRA’s chief technology officer, said in a statement. “This will provide all Canadians and their families with the kind of online protection typically reserved for large institutions.”

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

Howard Solomon
Howard Solomon
Currently a freelance writer. Former editor of and Computing Canada. An IT journalist since 1997, Howard has written for several of ITWC's sister publications, including Before arriving at ITWC he served as a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times.

Featured Story

How the CTO can Maintain Cloud Momentum Across the Enterprise

Embracing cloud is easy for some individuals. But embedding widespread cloud adoption at the enterprise level is...

Related Tech News

Get ITBusiness Delivered

Our experienced team of journalists brings you engaging content targeted to IT professionals and line-of-business executives delivered directly to your inbox.

Featured Tech Jobs