Written by Matt Heller – 3min Read
As previously discussed, the browser is at the center of the competitive efforts to dominate the end-user workspace. The convergence of Chrome and Edge to the same Chromium codebase shifted the historical ‘browser wars’ while also enabling core capabilities to accelerate. One of the most exciting changes we’re looking forward to seeing is adopting the DNS over HTTPS (DoH) solution now being implemented in browsers. Despite DoH being more of an internal and ‘low level’ service that’s invisible to users, it is likely to dramatically impact the overall browsing experience, so it deserves recognition and better awareness, especially in the enterprise community.
Setting aside the importance of the added security for DNS, the fact that HTTPS is the ‘plumbing’ for this solution is another sign of how crucial the browser and related technologies are to the modern desktop. Whether it’s the browser’s dominance as the single most used workforce application or if it’s the efficiency of the HTTPS protocol that is driving this solution, it’s clear that web-based solutions are the model for the future of IT Operations Management.
At the heart of this issue is the security enhancement of moving to DoH as we see continued exponential growth of web applications and complexity. Moving to DoH will ensure queries are encrypted. While it may not seem that disclosing what name you are trying to resolve is a security concern, there are some reasons to rethink that. Merely knowing where end users are going can provide hackers with intelligence about targets and relative value. Obviously, well-known sites wouldn’t be a surprise, but discovering where a financial institution does a great deal of Intranet activity helps target an attack.
Beyond the ability to hide what hosts are being resolved, DoH provides a layer of authentication often missing from ‘traditional’ DNS. Originally designed to deliver a (literally) nuclear proof assurance that Internet traffic would find a way even if portions of the network became unavailable, DNS relied on the notion of trust. It was designed without the idea that someone would try to maliciously direct traffic. We live with that reality every day now, so the ability to leverage HTTPS encryption and endpoint validation helps address these issues.
Adopting DoH should increase the overall user experience and speed of web page loading, based on the speed benefits of DoH versus traditional DNS resolvers. Eliminating the need to use the local resolver on the client machine may yield some performance benefits. This becomes more important as we look into the details of average web pages today that include potentially dozens of hosts serving content into a single page. This isn’t just a consumer/public site issue as enterprise sites still see pages containing content from numerous hosts.
It’s not all sunshine and roses, though; there will be some downsides to DoH. Especially as adoption takes hold and becomes more ubiquitous. Until most users have browsers with DoH enabled by default, we can expect to see limited speed or other improvements. Unlike IPv6 that required many levels of changes to deliver results, DoH is much more attainable in a shorter time. Another concern for DoH is that it will break certain types of applications like parental controls, enterprise network monitoring solutions, and content filters. Without a mechanism to interact with these tools, they will not operate properly. This should be a temporary problem as those tools develop DoH integration or redesign in such a way as to flow traffic through them using HTTPS seamlessly.
Browsers are clearly the enterprise workspace’s workhorse and continue to become a more crucial part of the environment. The moves to adopt DoH will further solidify this and underscore the need to have solutions based around a ‘browser-centric’ end-user workspace. Browsium is the leader in building tools for today’s needs, and continuously working to ensure we have the tools needed as things evolve. With our focus on the browser and it’s a critical position to the end-user workspace, Browsium can help organizations stay on top of this rapidly changing environment. Ensuring they are ready and able to deliver the solutions needed to drive their business forward without compromising or delaying while embracing the future.
