1. About the UK Public Sector DNS service
The UK Public Sector DNS Service is one of the NCSC’s most widely deployed Active Cyber Defence capabilities across the public sector to date, and has been outlined as a top priority for government departments in enabling them to become more cyber resilient.
On average, the service is actively blocking 70,000 attempts to access known malicious sites each week. We will continue to use the metrics we generate to build our understanding and improve the prevention of malicious cyber activity.
What do we mean by DNS?
The Domain Name System (DNS) is often referred to as 'the address book of the Internet’. It acts as a directory of contacts containing:
- the contact name (that is, domain names)
- telephone numbers associated with that name (that is, IP addresses)
Every time you enter a web address in you browser, your computer uses DNS to translate the domain name of the site you wish to connect to. So google.com is translated into an IP address like 126.96.36.199.
The NCSC has partnered with Government Digital Services (GDS) and Nominet UK to provide two reliable and secure DNS services for the public sector:
- an internet DNS service (available now)
- a PSN (public sector network) DNS Service (coming soon)
The internet DNS is a resolver only, so you can use it without needing to move your existing internet DNS records. The PSN DNS is both a resolver and an authoritative name server for PSN.
For full information on the terms of service, please visit the UK Public Sector DNS Service page.
If you are an existing PSN user and lead technical contact for your organisation, you can register for both the internet and PSN DNS services now. This saves you having to re-register for the PSN DNS service when it becomes available. Registration can be completed by accessing the DNS Support Tool (see below for the steps to follow).
Organisations using the PSN should have received an invite to join the UK Public Sector DNS service from the PSN Service Desk. If you've not received your invite, please let us know by contacting email@example.com or you can register directly using the DNS Support Tool.
2. Service eligibility
The UK Public Sector DNS Service is currently available to all public sector organisations. Primary organisations include:
- central government
- local government
- emergency services
- health and social care community
If you think your organisation may be eligible for the UK Public Sector DNS Service, and would like to find out more, please get in touch by contacting us directly at firstname.lastname@example.org.
Private sector organisations
The UK Public Sector DNS Service is not currently available to private sector or Critical National Infrastructure (CNI) organisations.
3. Benefits of the service
- Greater organisational cyber resilience protecting users from known malicious sites.
- Informing and supporting UK government cyber incident response functions to manage the impact of cyber attacks.
- 'Free at point of use' - the service is centrally funded by the NCSC.
4. Register for the service
To register, you'll need to identify two people from within your organisation:
- A primary technical point of contact: someone responsible for the connectivity of your organisation’s network. This person will have an account on the online support tool, can make changes to your DNS configuration, and give access to other team members.
- A commercial or business point of contact: someone responsible for business decisions concerning your IT. This person doesn’t have an account on the online support tool. We just need an initial authorisation from this person.
To register for the UK Public Sector DNS Service, you can follow these steps:
- As the primary technical point of contact go to the UK public sector DNS services online support tool, and select Request an account. We’ll check your details and send you an invitation email to set up your account.
- Follow the instructions in the invitation email and log into the online support tool, choose Request authorisation to use a DNS. If you are a PSN user, make sure that you have selected both the internet DNS and PSN DNS (to avoid having to re-register for the PSN DNS at a later date). Once you’re happy with the configuration details, an email will automatically be sent to your commercial or business point of contact, for authorisation.
- To start using the UK Public Sector DNS, you'll need to make changes to your organisation’s DNS configuration. You can start with the internet DNS. We’ll let you know when you can start using the PSN DNS.
- Cancel your subscription to your previous DNS Service .
If you are having difficulties registering, please contact email@example.com and we will be happy to help get you started.
5. Find out more