IBM Corp. unveiled a new free Domain Name System (DNS) service called Quad9 last week, in partnership with the Packet Clearing House (PCH) and the Global Cyber Alliance (GCA) that boasts many benefits for users, including better security and privacy.

DNS services are used to translate visible website URLs to the IP addresses behind them. User data, such as what websites you’re visiting, where you are, and what device you’re using, are captured by most DNS services and resold to marketers, but IBM’s solution does not store, correlate, or use any personally identifiable information.

Quad9 uses real-time security threat intelligence to give users “automated immunity” by automatically blocking access to known malicious websites. Whenever a user running on Quad9 clicks on a website link or types an address into a web browser, Quad9 checks it against IBM X-Force threat intelligence, which includes more than 40 billion analyzed web pages and images, plus 17 million spam and phishing attacks monitored daily. User actions are also cross-checked with an additional 18 threat intelligence feeds like Abuse.ch, the Anti-Phishing Working Group, Netlab, and more.

Security data will be collected from Quad9 and used to “enrich” IBM X-Force to further protect Internet users.

“Leveraging threat intelligence is a critical way to stay ahead of cybercriminals,” Jim Brennan, vice president of strategy and offering management at IBM Security, says in a Nov. 16 press release. “Consumers and small businesses traditionally didn’t have free, direct access to the intelligence used by security firms to protect big businesses. With Quad9, we’re putting that data to work for the industry in an open way and further enriching those insights via the community of users. Through IBM’s involvement in Quad9, we’re applying these collaborative defense techniques while giving users greater privacy controls.”

Besides not storing personal information, the robust protection offered by Quad9 goes beyond just traditional PCs and laptops to cover Internet-connected devices like smart TVs and DVRs, as well as Internet of Things (IoT) devices like smart thermostats, connected home appliances, etc.

The IBM service is also easy to set up. All users need to do is reconfigure their DNS settings on their devices to 9.9.9.9 to reroute Internet requests and start using Quad9 as their server. For businesses, changing the DNS setting in their central DHCP server (router or Wi-Fi access point) will update all clients or devices in just a few minutes, with no action needed at end devices at all.

“Through local deployments of technology versus some distant datacenter, Quad9 works to significantly improve performance for the entire end-user experience and Internet transactions,” says Bill Woodcock, executive director of PCH. “We strongly support the values Quad9 places on end-user privacy. The personal information protections and selectable DNS encryption, DNSSEC, and blocklist that are in place show that this project is in line with PCH’s values. Quad9 will inspire trust in both individuals and businesses who understand the importance of securing their private browsing data.”

Partner power

IBM teamed up with PCH, a non-profit Internet traffic-oriented research institute, and GCA, an international non-profit tackling malicious cyber activity, for its Quad9 DNS service.

Quad9 is the brainchild of GCA, which provides “system development capabilities and brought the threat intelligence community together,” while PCH provides the network infrastructure and IBM provides the X-Force threat intelligence and easily memorable IP address (9.9.9.9).

With both PCH and GCA’s global assets, Quad9 has points of presence in over 70 locations across 40 countries at its launch, and these numbers are expected to double over the next 18 months.

“Protecting against attacks by blocking them through DNS has been available for a long time, but has not been used widely,” Phil Reitinger, president and CEO of the Global Cyber Alliance, explains. “Sophisticated corporations can subscribe to dozens of threat feeds and block them through DNS, or pay a commercial provider for the service. However, small to medium-sized businesses and consumers have been left behind – they lack the resources, are not aware of what can be done with DNS, or are concerned about exposing their privacy and confidential information. Quad9 solves these problems. It is memorable, easy to use, relies on excellent and broad threat information, protects privacy and security, and is free.”