Enterprise DNS Filter Platform

DNS filtering
for the
modern enterprise.

VeraDNS is an enterprise DNS filter that blocks threats before a connection is ever made — network-wide, zero agents. Role-based access, Cloudflare threat intelligence, and compliance-ready audit reports built in.

See How It Works
Network-wide filtering — zero agents required Your data never leaves your network Up and running in under 60 minutes
2M+
Filter rules, auto-updated
15+
Threat categories
6
Compliance frameworks
<60min
Deploy time
veradns.io · Vera Insight Live Auto-refresh 10s ↺ Refresh V VeraDNS DNS · ON OVERVIEW Vera Insight Threat Landscape Dashboard Settings Logs & Analyze Reports Dashboard Bangkok Vera DNS Flow & Insights RISK SCORE 73 Moderate TOTAL QUERIES 473 ALLOWED 337 71.2% BLOCKED 136 28.8% LIVE QUERY FLOW Allowed Blocked CLIENTS DESTINATIONS localhost VeraDNS RESOLVER google.com github.com microsoft.com malware.wic… ubuntu.com LIVE THROUGHPUT HEALTHY 0.05 qps 3 q · last 60s p95 0ms ALLOW / BLOCK TREND LAST SAMPLE 1-11 03:07 PM
Powered by world-class threat intelligence
Cloudflare RadarURLhausPhishing.armyThreatFoxOpenPhishHaGeZiOISDTTC-CERTCloudflare RadarURLhausPhishing.armyThreatFoxOpenPhishHaGeZiOISDTTC-CERT
NIST 800-53CIS v8ISO 27001NCSCNSA CSIOFAC
How It Works

DNS filtering that works at the network level.

Zero agents. Zero client software. VeraDNS filters every DNS query on your network before a connection is ever made — every device protected automatically.

Deploy on Your Infrastructure

Install VeraDNS on your own server or VM using Docker. Point your network's DNS to VeraDNS. No data ever leaves your environment.

Every DNS Query Inspected

When any device makes a DNS request, VeraDNS evaluates it against your security policies, blocklists, and access rules in real time.

Threats Blocked Instantly

Malware, phishing, trackers, and policy-violating domains are blocked before a connection is established — protecting all devices simultaneously.

Full Visibility & Compliance

Every query, every block, every admin action is logged. Use the dashboard to investigate incidents, generate reports, and demonstrate compliance.

Access Control

Admin or Viewer. Role-based access, enforced at the API level.

Manage your team with built-in Role-Based Access Control. Admins can configure everything; Viewers have read-only access. Permissions are enforced at the API layer — not just the interface.

Three role tiers: Admin, Editor, and Viewer — each with clearly scoped permissions.

API-level enforcement: Permissions cannot be bypassed through the interface or direct API calls.

JWT authentication with secure HttpOnly cookies and configurable session expiry.

Every permission change is recorded in the audit log automatically.

Users & Role ManagementRBAC
LA
L. Admin
Admin
NE
N. Editor
Editor
AV
A. Viewer
Viewer
PermissionADMEDIVIW
View dashboard & logs
Manage blocklists
Modify DNS settings
Manage users & roles
Export audit records
Audit & Compliance

Compliance reports ready to send. One click.

Generate branded executive reports as PDF, CSV, or HTML in a single click. Mapped to NIST 800-53, CIS V8, ISO 27K, and NCSC. Ready to hand to your auditor today.

DNS Security Posture Report: resolution outcomes, latency, and top talkers — branded PDF/HTML with cover page and severity ratings.

Identity & Access Security Report: every admin action — user CRUD, group changes, login attempts — all in one export.

Stored locally, never off-box. Every export generated on your own infrastructure — no data sent to external servers.

Compliance mapped: NIST 800-53 · CIS V8 · NSA CSI · ISO 27K · NCSC — control references included in each report.

V DNS Security Posture Report Executive report · generated locally · never sent off-box PDF QUERIES 957 ALLOWED 646 BLOCKED 311 AVG LATENCY 0.0ms 67.5% allowed 32.5% blocked KEY FINDINGS High — 2 malware / phishing domains blocked at resolver Medium — 311 queries blocked across 15 categories Low — DNSSEC validation active on all upstream resolvers MAPPED TO NIST 800-53 CIS v8 ISO 27K NCSC Generate PDF CSV HTML 2026-06-04 · VeraDNS
Network Visibility

See every query. Catch every threat. In real time.

VeraDNS gives your team complete visibility into every DNS request on your network — live. Track total queries, blocked percentages, dangerous domains, and your system's Risk Score, all updating every few seconds.

Live DNS Flow Map: animated visualisation of every query — clients to resolver to destinations — with allow/block status at a glance.

Powered by Cloudflare Radar: global threat intelligence classifies every domain — Malware, Phishing, C&C, Spam — automatically, in real time.

Filter and export by client IP, domain, status, query type, or custom time range — CSV, PDF, or HTML.

Built for IT teams: trace any suspicious lookup back to the source device in seconds, without searching through logs manually.

Cloudflare Radar · Worldwide · last 24h · updated 1m ago Global threat landscape Domain check United States 37.8% China 13.6% Singapore 9.5% Canada 9.0% Nigeria 7.0% United Kingdom 2.4% DDoS ATTACK TYPE (L3/4) UDP 86.2 TCP 13.8 MITIGATION (L7) WAF 51.2 DDOS 43.2 POWERED BY Cloudflare Radar Updates every 2 min
Capabilities

One platform. Every DNS control.

From network-wide filtering to compliance reporting — everything your team needs to secure DNS, running entirely on your own infrastructure.

Network-wide filtering

Block threats before a connection is ever made — every device on your network, zero agents required.

2M+ threat rules

15+ categories from URLhaus, Phishing.army, ThreatFox, HaGeZi, OISD & TTC-CERT — updated automatically.

Cloudflare threat intel

Radar, Domain Intel & URL Scanner classify every domain — auto-block when risk ≥ 80/100.

Encrypted DNS

DoH, DoT & DoQ alongside plain DNS. Let’s Encrypt, Internal PKI or ZeroSSL certificates.

Custom rules & allowlists

Write your own rules (||domain^), quick-block services, and test any domain instantly.

Global threat landscape

Live Cloudflare Radar world map — most-attacked regions, DDoS types and WAF activity.

SIEM log forwarding

Stream query and audit logs to your SIEM platform for centralised security monitoring.

Deploy in under 60 min

Linux + Docker, fully on-premise. Up and running in under an hour, in any environment.

Granular DNS control

Upstream resolvers, DHCP, per-client policies and DNS rewrites — all in one console.

100%
On-Premise — Data Never Leaves Your Network
2
Roles — API-Enforced RBAC (admin · viewer)
<2ms
Median DNS Response Time
90+
Days Default Audit Log Retention
Pricing

Plans for every scale of deployment.

Three packages that scale with your network — plus optional security add-ons. Every plan runs on your own infrastructure; contact us for tailored pricing.

Starter
Essentials

Best for small teams and single-site offices getting started with network-wide DNS security.

2,000queries / sec
100users
RBAC — Admin & Viewer roles
Query log & Audit log
Standard blocklist library
Email support
SIEM / REST API export
Custom integration development
Most Popular
Professional
Professional

Best for growing organisations that need higher throughput, richer threat feeds, and SIEM integration.

10,000queries / sec
500users
Everything in Essentials
Extended blocklist library
SIEM & REST API export
Priority email & chat support
Custom integration development
Advanced
Advanced

Best for large enterprises and MSPs needing maximum scale, custom integrations, and 24/7 SLA support.

20,000queries / sec
1,000+users
Everything in Professional & Essentials
Custom integration development
SLA-backed 24/7 support
Security Add-ons

Optional modules — add to any package

Layer on deeper protection and insight, on top of any plan.

Advanced Threat

Deeper threat intelligence, malware sandboxing and command-and-control (C2) detection beyond the standard feeds.

Advanced Analytics

Extended dashboards, behavioural anomaly detection and custom report builders for your SOC team.

FAQ

Frequently asked questions.

What does "on-premise DNS proxy" mean for my organisation?
VeraDNS runs entirely within your own infrastructure — on-premise, private cloud, or your own VMs. No DNS queries, no configuration data, and no audit logs are transmitted to external servers. Your data sovereignty is guaranteed by design.
How does VeraDNS differ from a cloud-based DNS service?
Cloud DNS services route your queries through external servers, creating a third-party dependency and potential visibility into your network activity. VeraDNS resolves DNS entirely within your perimeter. You retain full control over your blocklists, policies, and query data — with no dependency on external availability.
What DNS protocols does VeraDNS support?
VeraDNS supports standard DNS (port 53), DNS-over-HTTPS (DoH), DNS-over-TLS (DoT), and DNSSEC validation. Encrypted DNS protocols can be enforced for internal clients to prevent query interception.
Can VeraDNS integrate with our SIEM or identity provider?
Business and Enterprise plans include REST API access for exporting audit and query logs in JSON or CSV format, compatible with Splunk, Microsoft Sentinel, Elastic, and other SIEM platforms. Enterprise plans additionally support SSO via SAML 2.0 and LDAP/Active Directory for user management.
What are the infrastructure requirements?
VeraDNS runs on any Linux server with Docker installed. Minimum recommended specification is 2 vCPU, 2 GB RAM. For high-availability deployments serving large enterprise networks, we recommend dedicated hardware or VM sizing guidance from our team.
What does the free trial include?
The 30-day trial includes full access to the Business plan features — unlimited users, complete RBAC, 90-day log retention, and REST API access. No credit card is required. Our team provides an onboarding session to assist with deployment in your environment.

Ready to secure your
network at the
DNS layer?

Request a 30-day trial and speak with our team. No commitment required.