System Overview
Core Components
DNS Resolver
Built on Knot Resolver with high availability and DNSSEC support. Deploys using Anycast technology as on-premise or virtual appliance. Responds only to queries from authorized networks.
Administrative Portal
Detailed traffic overview, security policy configuration, event logging and analysis. Display and filter DNS queries, manage connected device inventory.
Agent for End Devices
Available for Android, iOS, and Windows. Automatically configures DNS resolver and provides optional DNS-over-HTTPS encryption. Protects users outside the organization network.
Threat Intelligence Database
Combines commercial and public threat databases with Czech legislation-compliant domain blacklists. Regularly updated feeds from CSIRT.CZ and other sources for malicious domain detection.
Deployment Modes
Flexible deployment options to match your organization's security posture.
Blocking Mode
Detected malicious domains are blocked immediately, preventing access to threats in real time.
Audit Mode
Logging only with no interventions. Perfect for evaluating threats before enabling enforcement.
Custom Policies
Administrator-defined protection levels by threat type. Fine-tune blocking rules to your organization's needs.
System Integration
DNS Patrol connects to your existing security monitoring tools with alert and notification support.