Top of Page

Links to move inside this page.

  1. HOME
  2. IIJ Security Initiative
  3. FAQ

Building a data analytics platform to prevent the threat of APT and DDoS attack

Q1. What is the "opt out"?

The "opt out" is a method for indicating non-consent, either in advance or at a later time.

Q2. I am currently using an IIJ service. Will this service be a target of DNS filtering?

For details on the target IIJ services of DNS filtering, refer to "DNS filtering" in "IIJ Security Initiative".

Q3. How can I opt out?

For details on the opt out methods, refer to "Indicating non-consent (opt out)" in "IIJ Security Initiative".

Q4. When is the deadline for changing the setting if I do not want to use DNS filtering?

Please opt out before the start of DNS filtering application. For details on the application start dates, refer to "DNS filtering" in "IIJ Security Initiative".

Q5. When is the deadline for changing the setting if I do not want DNS and related logs to be analyzed for DNS filtering?

For details on the log analysis for advance evaluation, refer to "DNS filtering" in "IIJ Security Initiative".

Q6. Are users notified when DNS filtering is applied?

We have no plans to provide a function for notifying users.

Q7. Can you tell me the reason why DNS filtering was applied?

The reason is not disclosed.

Q8. What are the target record types of DNS filtering?

A and AAAA records.

Q9. Is there a difference in the response times between DNS servers with DNS filtering applied and DNS servers without DNS filtering applied?

There is no difference in response times based on whether DNS filtering is applied.

Q10. How does DNS filtering work?

When the address is contained in reputation data, it is replaced by the IP address of a server that has been prepared separately by IIJ to prevent access to the original address.

Q11. What are the specific targets for the analysis of the DNS and related communication logs?

The targets are DNS queries and communications to the server prepared separately by IIJ.

Q12. What kind of log data in DNS query will be?

1)Time 2)domain name 3)Client address(Source IP Address) 4)Response code 5)recode type. In terms of client IP address will be anonymization. However, if filtered your communication, the IP address will be preserved without anonymization for our security analysis.

Q13. What is the purpose of log acquisition and how long is it stored?

The purpose of log acquisition is that we use for customer service to internet security and creating statistics and disclosing reports.
Also, we basically store the data for 60days, however, in case of the safety of data acquisition, We might change the data store terms. If we change that terms, we will report that in IIJ web page.

Q14. What kind of contents will be in disclosing reports?

We will include the following contents in investigating period.

  • malware characteristics and risk
  • The number of address to C&C servers

Q15. How are reputation data selected?

We wii select reputation data besed on analysis by our security analysts from both data in IIJ owned security analyis platform and dataa provided by external organizations.

Q16. How is the reputation data selected?

A security analyst analyzes data received from external organizations and data from the IIJ information analysis infrastructure in order to select the reputation data.

Q17. Will I receive advance notification before the reputation data is updated?

We cannot provide any update notifications.

Q18. Can you disclose details of the reputation data?

The details are not disclosed.

Q19. Can the reputation data be customized?

We do not provide a function for customization by individual customers.

Q20. Can you provide me with the reputation data?

We have no plans to provide the reputation data.

Q21. Who can I contact with inquiries about DNS filtering?

For contact details, refer to "Contact information" in "IIJ Security Initiative".

End of the page.

Top of Page