Microsoft Preview: Zero Trust DNS (ZTDNS)
Enabling domain-name-based lockdown of Windows for Zero Trust deployments in future versions of Windows
ZTDNS was designed to be interoperable by using network protocols from open standards to satisfy Zero Trust requirements such as those found in OMB M-22-09 and NIST SP 800-207. First, Windows is provisioned with a set of DoH- or DoT-capable Protective DNS servers; these are expected to resolve only allowed domain names. This ensures that applications and services that use the system DNS configuration will be allowed to connect to the IP addresses those servers resolved.
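The policy that paragraph describes, modelled as an added example (not Microsoft's code): outbound traffic is denied except to the provisioned Protective DNS servers and to addresses those servers returned for allowed names. The resolver answer table, the `ZtdnsHost` class and all addresses and names are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass, field

# Constructed sample of what the Protective DNS server answers.
# Names missing from this table are treated as not allowed: no answer.
PROTECTIVE_DNS_ANSWERS = {
    "update.example.com": ["203.0.113.10", "2001:db8::10"],
    "login.example.com": ["203.0.113.20"],
}


@dataclass
class ZtdnsHost:
    """Model of a Windows host under the ZTDNS policy (hypothetical class)."""
    protective_dns: set                              # provisioned DoH/DoT resolvers
    allowed_dst: set = field(default_factory=set)    # IPs learned via the resolver
    log: list = field(default_factory=list)

    def __post_init__(self):
        self.protective_dns = {ipaddress.ip_address(ip) for ip in self.protective_dns}

    def resolve(self, name):
        """Query the Protective DNS server; only allowed names get an answer,
        and every returned address becomes an outbound allowance."""
        answers = PROTECTIVE_DNS_ANSWERS.get(name.lower().rstrip("."), [])
        if not answers:
            self.log.append(f"DNS {name}: no answer (not an allowed name)")
            return []
        self.allowed_dst.update(ipaddress.ip_address(ip) for ip in answers)
        self.log.append(f"DNS {name}: {answers} now allowed outbound")
        return answers

    def connect(self, dst_ip):
        """Outbound policy: resolvers always; anything else only if resolved."""
        dst = ipaddress.ip_address(dst_ip)
        if dst in self.protective_dns or dst in self.allowed_dst:
            self.log.append(f"ALLOW {dst}")
            return True
        self.log.append(f"BLOCK {dst}: not resolved via protective DNS")
        return False


def run_demo():
    """Walk through the cases the policy distinguishes."""
    host = ZtdnsHost({"203.0.113.53"})
    return {
        "resolver": host.connect("203.0.113.53"),        # always reachable
        "before_resolve": host.connect("203.0.113.10"),  # no answer yet: blocked
        "after_resolve": bool(host.resolve("update.example.com"))
                         and host.connect("2001:db8::10"),
        "hardcoded_ip": host.connect("198.51.100.5"),    # never resolved: blocked
        "denied_name": host.resolve("evil.example.net") == []
                       and not host.connect("198.51.100.6"),
    }
```

The `hardcoded_ip` case is the one ZTDNS is built around: software that bypasses system DNS and connects to a literal address never receives an allowance, so the connection is blocked and logged.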