DNS(Domain Name System) is the crucial & ubiquitous fabric of the Internet. While we rely on accessing websites, applications, devices using a Fully Qualified Domain Name, on a daily basis, in a network, DNS can also be extremely valuable & effective defense layer in a multi-tiered security approach. This talk will give an introduction to DNS RPZ(Response Policy Zones) and how it can be leveraged to stop threats in the network.

The key takeaways for the talk are
1. Idea of a flat network & it’s constraints
2. How malware(C2/Botnets, phishing URL’s) leverages DNS
3. How a DNS Firewall(DNS Response Policy Zones) can mitigate threats at the resolution layer
4. Lessons learned in implementing this for 100+ networks in Tier-II & Tier-III cities

The intended audience for this talk are
1. System & network administrators
2. ISP’s
3. Anyone running a network :-)

Outline -

Idea of a flat network & it’s constraints
Threats and various insecurities in the network
DNS 101
Introduction to DNS Response Policy Zones/DNS Firewall
Live demo


Swapneel Patnekar

Swapneel is the CEO at Shreshta IT and a network security engineer working in Information Security for 15+ years.

He has been a board member of the India Internet Engineering Society(IIESOC). He has been a Program Committee member of Indian Network Operators Group(INNOG) and APNIC conferences.

He is an APNIC Community Trainer and has delivered workshops in Myanmar, Papua New Guinea, and Bangladesh on Information Security, Network Security, and DNS/DNSSEC. He is also a member of the Forum of Incident Response and Security Teams (FIRST) DNS Abuse SIG.

He is a prolific speaker, and most recently, he has presented at numerous international security and privacy conferences such as sdns2021, SANOG37, BSides Dayton, 2020 FIRST Virtual Symposium for Latin America and the Caribbean, APNIC50, UKNOF July, APNIC NFH SEA, LKNOG3.


Starts at Saturday May 23 2020, 10:20 AM. The sessions runs for 30 minutes.