DNS filtering adds an extra layer of security to your employees’ internet use by giving you control over the websites that users access, intentionally or unintentionally. DNS filters act before a browser or other web-aware application ever connects to malicious or unauthorized sites. They can prevent user devices from becoming attack vectors and improve network performance by preventing access to bandwidth-hogging sites such as streaming services. Twingate's Secure DNS allows you to use DNS over HTTPS (DoH) for traffic outside the Twingate network, making DNS requests harder to intercept and modify. To enable DNS filtering services, you need to navigate to Settings > Secure DNS, toggle the switch to enable DoH, change the DoH resolver to Custom and add the URL for your DNS filtering service, choose a Fallback Method, and manage exceptions. This approach depends on how quickly DNS service providers spot emerging security threats. Any delay in updating a DNS filter’s blocklist leaves a window of opportunity for security breaches.