New Quad9 DNS Service Makes the Internet Safer and More Private

IBM has long advocated for strong and innovative means to enhance privacy and data protection, and we are pleased to announce our latest investment in privacy-enhancing technology with the new Quad9 Domain Name System (DNS) offering. Created in collaboration with Packet Clearing House (PCH) and the Global Cyber Alliance (GCA), Quad9 goes far beyond standard DNS name resolution, with four key areas of focus.

  • Privacy: Unlike many other DNS services, Quad9 makes use of aggregated data, but by design does not store, correlate or otherwise employ any personally identifiable information (PII). Quad9 does not and never will share any of its data with marketers, nor will it use this data for demographic analysis.

  • Security: Quad9 makes security a chief priority to deliver superior protection against cybercrime networks and malware, integrating security analysis from individual machines’ DNS queries to global trends.

  • Scalability: Quad9 leverages PCH’s long history of providing highly robust DNS back-end infrastructure, including over 160 points of presence around the world.

  • Ease of use: Administrators can easily configure endpoint devices to point to the Quad9 DNS server at address 9.9.9.9.

Commitment to Collaborative Defense

Building on our investment in collaborative defense with this new offering, IBM is teaming with two well-established nonprofits committed to a shared vision of a private, secure internet. PCH is a nonprofit entity responsible for providing operational support and security for internet infrastructure, including the core of DNS, with crucial coordination tasks for internet exchange (peering) points. PCH also operates a critical infrastructure protection hotline communications system that links thousands of network operation centers and computer emergency response teams (CERTs).

The Global Cyber Alliance, a nonprofit coalition founded by a partnership of law enforcement and research organizations, is dedicated to addressing cyber risk across borders and industries. Its focus is on concrete actions and measurable change.

Why DNS Matters

Every data transaction on the internet requires a link between originating and receiving endpoints, like a user seeking a website. Humans need a human-friendly URL, but that has to be translated into the machine-readable numeric equivalent. These internet data transactions are underpinned by domain name translation, using servers and software that rely on a distributed, trust-based system that comprise the DNS system.

It’s not just the named URLs that companies and internet users employ that use DNS services. By 2025, there will be 80 billion internet-connected, or Internet of Things (IoT), devices in homes and offices. End users aren’t able to update these devices as software misconfigurations and vulnerabilities are discovered without help from the manufacturer, so employing secure connection at the DNS level can help prevent the devices from being used for nefarious purposes.

Since the DNS servers themselves can’t tell the difference between a data packet with malicious intent and an innocent data packet checking last night’s sports scores, advanced analytics need to be implemented to identify and block the malicious traffic, as in the case of Quad9. Known malicious domains are identified through threat intelligence from IBM X-Force Exchange. Advanced analytics are performed on IP addresses to assign a risk score based on text, visual object recognition, optical character recognition (OCR), structure and linkages to other sites, and the presence of suspicious files to identify malicious IPs.

Make the Change to Quad9

DNS servers are typically assigned by your internet provider or IT department, and both consumers and businesses can make a simple change to the Dynamic Host Configuration Protocol (DHCP) to route DNS traffic through Quad9 without requiring end users to make any changes. Quad9 is and will remain freely available to anyone who wants to use it.

Visit the Quad9 website for details and videos on how to make the change to a safer, more private internet browsing experience.

Learn More About Quad9

Share this Article:
Jim Brennan

Vice President of Strategy and Offering Management, IBM Security

Jim Brennan serves as the Vice President of Strategy and Offering Management for the Security Operations & Response portfolio of IBM Security. He has over 20 years of experience in the development, management and marketing of technology products, 16 of which have been focused on information security. Jim joined IBM from Dell SecureWorks, where he led the product management team responsible for infrastructure security services. Earlier in his career, Jim spent eight years with Internet Security Systems (now part of IBM), where he held positions in research and development, product management and product marketing.Other notable roles include positions with Red Hat, EMS Technologies and the U.S. Department of Defense. Jim holds a bachelor's degree in Mechanical Engineering from the Georgia Institute of Technology, and a Master of Business Administration from the Goizueta Business School at Emory University.