Malicious Domain Blocking and Reporting (MDBR)

Minnesota IT Services (MNIT) offers Malicious Domain Blocking and Reporting (MDBR), a web security service, through a trusted vendor partner.

MDBR delivers a proven, effective, and easily deployable layer of cybersecurity defense. MNIT’s vendor designed this service in partnership with the Cybersecurity and Infrastructure Security Agency (CISA).  

MDBR is available at no cost to eligible local government entities in Minnesota. Enjoy the protection of MDBR whether users are in the office or working remotely. By setting policy that requires mobile devices and laptops to use the MDBR solution, users will be protected. 

View a PDF Summary of MDBR

How MDBR works on your network 

MDBR is a cloud-based solution that uses recursive domain name system (DNS) technology to prevent information technology (IT) systems from connecting to harmful web domains. This helps state, local, and Tribal governments limit infections related to known malware, ransomware, phishing, and other cyber threats.

MDBR blocks and logs attempts to access known malicious domains such as those associated with malware, phishing, and ransomware, among other threats.
Once an organization routes its protective DNS requests to our security servers, MDBR checks each lookup against a list of known and suspected malicious domains.
Your organization can block or allow domains based on your organization’s risk tolerance.
The vendor will provide a weekly report that includes log information for all accepted and blocked requests reaching out to known or suspected malicious domains.

Key benefits at a glance

Uses technology to prevent IT systems from connecting to known harmful web domains.
Limits infections related to malware, ransomware, phishing, and other cyber threats.
Deploys quickly and easily.
Requires little maintenance.
Protects users in the office or working remotely.
Provides visibility into risky web traffic, potential compromise indicators, and areas of greatest vulnerability.
Event reports can be scheduled to the cadence that works with your organization.
Available at no cost to eligible local governments in Minnesota.

Eligibility and cost

MDBR is available to eligible entities in Minnesota, including any city, township, local public authority, school district, special district, intrastate district, county, Tribal Nation, council of governments, regional or interstate government entity, or agency or instrumentality of a local government.

MDBR is a free service, subsidized through the federal government’s State and Local Cybersecurity Grant Program (SLCGP).

Steps to enroll in MDBR

Email MNIT’s Cyber Navigator Team with questions or to sign up for MDBR: CN.MNIT@state.mn.us.They will work through the registration process with your organization.

After you sign up, a no-charge contract will be sent for signature. A contract is required to participate.

You will need to provide: 

Your contact information 
Technical contact(s) for MDBR setup, troubleshooting, and general technical support 
Reporting contact(s) for receiving reports on your MDBR service 
Public IP addresses or Classless Inter-Domain Routing (CIDR) netblocks from which your organization’s DNS queries are sent

As the final step, you will need to point your DNS requests to the vendor’s DNS server IP addresses. This will enable MDBR to prevent attempts to access known malicious domains. 

The MDBR service can be implemented quickly and requires virtually no maintenance. 

Contact us for more information

Contact MNIT’s Cyber Navigator Team with questions or to sign up for MDBR: CN.MNIT@state.mn.us. We will work through the registration process with your organization. 

Learn more

What is the Malicious Domain Blocking and Reporting (MDBR) service?

MDBR is a web security solution that provides an additional layer of cybersecurity protection that is proven, effective, and easy to deploy. It implements recursive Domain Name System (DNS) technology that prevents IT systems from connecting to harmful web domains, helping limit infections related to known malware, ransomware, phishing, and other cyber threats. This capability can block the vast majority of ransomware infections just by preventing the initial outreach to a ransomware delivery domain. MNIT works with a selected vendor to provide the MDBR service.
How does MDBR work?

MDBR is a cloud-based secure DNS solution specifically designed for U.S. SLTT organizations. It proactively blocks network traffic from an organization to known and suspected harmful web domains, helping protect IT systems against cybersecurity threats. Once an organization points its domain name system (DNS) requests to the vendor’s DNS server IP addresses (primary and secondary), every DNS lookup will be compared against a list of known and suspected malicious domains. Attempts to access known malicious domains such as those associated with malware, phishing, and ransomware, among other threats, will be blocked and logged. Accepted and blocked DNS request logs will be stored for a period of 30 days. The vendor will provide weekly reporting to each participating entity related to both accepted and blocked requests and assist in remediation, if needed.
How long will my organization’s information be stored? 
How often will I receive a report, and what information is included in the reports?
Can I customize an allow/block list?

Yes. The domains blocked by default are known malicious domains, so if your organization chooses to create an exception to allow a domain blocked by the default policy, it would do so based on your organization’s risk tolerance. If your organization has a list of domains that it would like blocked, we can apply that list, as well.
Does MDBR replace Albert Network Monitoring and Management?

No, the two services are not co-dependent and can be run independent of each other. However, when used in conjunction with Albert network monitoring sensors, the two services are effective in preventing ransomware and other malicious attacks from being successful. The MDBR service is easy to implement and requires virtually no maintenance, as the vendor fully maintains the systems required to provide the service.
How does MDBR differ from other DNS filtering services?
How challenging will it be to add MDBR to our environment?
Who can I contact with questions, to sign up for MDBR, or make changes to my account?